Showing results for 
Search instead for 
Did you mean: 

CSS One Arm Configuration - Authentication Issue with AD


Dear All,

We have 2 web server in our organization. Web1 - and Web2 - When I logging in to one of the server it automatically take my domain credentials and I can log in easily.

Due to load increase we bring it under one of our load balancer 11501 as One arm position. Here load balancer VIP IP is is in seperate vlan with 172.16.11.x IP Block. Both the servers and load balancer are on seperate segment or rather I should say different site. The service port is 80 which we have confiured as service in lb and these web servers are running windows IIS.


Problem no 1: When I try to access using IP as URL such as then I have to give my username/password once and I can use the application. But previously I do not even have to give my username/password.

Problem No 2: We have given DNS entry for as TESTWEB. When I try to login by URL http://TESTWEB then it promts for username/password. and won't allow us to login after giving the username/password.

I am not sure how to diagnos this issue. Can any body suggest what might causing this problem. Also if we bring the server directly under the ld will it solve the case. Please help me.



1 Reply 1

Daniel Arrondo Ostiz
Cisco Employee
Cisco Employee

Hi Adnan,

To troubleshoot this issue, I would recommend you to make two sets of traffic captures:

  • On the client, when the CSS is being bypassed
  • On both sides of the CSS simultaneously when the traffic is going through the CSS

Once you have these captures, you can look into the application itself and compare the behavior to the one seen when the CSS is bypassed. This should give you some hints on what exactly is failing.

If you need help analysing these captures, you can always open a TAC service request.



Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: