Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
690
Views
0
Helpful
2
Replies

eun_internal_group Identification Profile Information

cg3
Level 1
Level 1

‎10-11-2018 07:10 PM

Does anyone have any information on eun_internal_group Identification Profile? Can't find any info on it.

 

Trying to troubleshoot an issue with Identifty profiles in WSA where the identity Profile is being matched on that. 

 

If it wasnt matching any of the profiles I had created it should match on DefaultIdentification profile. But with this particular trace its showing up as  matching on eun_internal_group Identification Profile and being blocked.

 

I have tried creating a new profile for unauthenticated users at the top of the profiles list going to the site in question and it still not matching and showing up as matching identification profile eun_internal_group.

 

thanks all

 

 

Labels:
0 Helpful
2 Replies 2

Handy Putra
Cisco Employee
Cisco Employee

‎10-11-2018 07:29 PM

Hi,

 

eun_internal_group is actually a internal built in identification in the WSA to itself. This nomally occurs when it is trying to redirect the traffic to itself such as for the appliance to display its internal notification page or block page.

 

Does you identity has End-User Acknowledgement enabled and is it been configured correctly?

 

In order to dig this deeper, would require the accesslogs, configuration of Identity and EUN or configuration file and possible remote tunnel access to the appliance service level. Since these are sensitive information, would recommend to open a Cisco TAC case for the engineer to assist you in the troubleshooting.

 

Regards

Handy Putra

0 Helpful

cg3
Level 1
Level 1
In response to Handy Putra

‎10-14-2018 07:28 PM

Thank you Handy. Isnt related to EUN.

 

I can see in the logs that an unauthenticated user is being denied from accessing the pac file which is hosted on the WSA.

When i ran a trace I can see it blocked with identification profile: eun_internal_group and access policy Global access policy.

 

I've tried adding the http://WSAHostname/pacfilename,pac to the no authentication group so anyone should be able to get to it. Also tried creating a new identity and policy at the top of the policies to allow anyone to get to that location. 

 

The trace doesnt pick up the changes I have done. Just blocks it.

 

thanks

 

 

0 Helpful
Customers Also Viewed These Support Documents