09-28-2012 07:12 AM
I am facing problem here that is driven my crazy. The Windows 7 machines send the manchine name instead of the username to my S160. As far as I noticed, it happens when the computer is not logged yet, so there's no user credentials and Windows 7 try to check connectivity using msftncsi.com.
Here I use surrogate IP address to all Identities and when the WBA block the connectivity check, the IP address get blocked as long as the Surrogate Timeout is configured.
Is there a soluction to it?
Could I use a Identitie using a Session Cookie? The problem is that, in this way the IP wouldn't be blocked and the unauthorized traffic would be cached on the computer instead of the WSA.
09-28-2012 08:09 AM
Andre,
What version are you running? 7.5 has a feature where it times out machine name based logins, typically caused by Microsoft's NSCI feature.
http://www.cisco.com/en/US/docs/security/wsa/wsa7.5/release_notes/WSA_7.5.0_Release_Notes.pdf
Bottom of page 8
Alternatively you can set up an identity for the NSCI feature that doesn't require authentication...
There are a couple of other ways to work around this feature in the 7.5 End User Guide.
Ken
09-28-2012 09:51 AM
Ken,
Thank you for the quick answer! In fact im not in version 7.5 as you said. I checked and the this version is available to upgrade. I verified that it has some changes in polices and other stuff, so it will be necessary some planning. But i'll do this upgrade as soon as possible.
Thank you again!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide