Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1037
Views
0
Helpful
1
Replies

Ironport Basic Authentication Token

Go to solution
shane.clark2
Level 1
Level 1

‎12-11-2013 01:09 PM

We're a having an issue where our doctors are in a group where we allow streaming video, but the PA group is not allowed.

If the PA is logged in to the device, logs out, then the doctor logs in, they are not able to get to streaming video, and the deny message has the PA's credentials.

From what we've found, we believe this to be related to the "Basic Authentication Token TTL", which we have set at 3600 seconds.

Is there a way to force the ironport to get the new credentials when someone new logs in to the device?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Tom Foucha
Cisco Employee
Cisco Employee

‎12-12-2013 01:09 PM

You may want to try using Session Cookie surrogates and see if this resolves your issue. If you have many users sharing the workstation in a short time period and you are using IP surrogates it will keep the auth token based on the machines IP address not the user logged in.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Tom Foucha
Cisco Employee
Cisco Employee

‎12-12-2013 01:09 PM

You may want to try using Session Cookie surrogates and see if this resolves your issue. If you have many users sharing the workstation in a short time period and you are using IP surrogates it will keep the auth token based on the machines IP address not the user logged in.

0 Helpful
Customers Also Viewed These Support Documents