Hi,

esersekizinci · ‎12-24-2016

Hi, I am using the vWSA version : 9.2.0-075

In my case I have two different access policies, my device already integrated with my AD and I have 2 users one of them is Administrator and other one is also standard user.

But in my system I have one client computer and these 2 users can access the same pc in different times. When I try to standard user my vwsa can blocks the all links and categories but when I log off the std user and login with Admin user vWSA still blocks the all urls and categories.

But In my policies I have gave full access the administrator groups and users, and I have restirct the other Users groups.

I guess I have faced the same IP address policy, how can I achieve this problem ?

Best regards.

Eser 8Th

In photos : sefil is std user

sekizinci is admin user

Handy Putra · ‎12-26-2016

Hi,

It sounds that you are using IP Address as authentication surrogate.

You can check this in your Identity -> authentication surrogates.

When you are using IP address authentication surrogate, the appliance will remember the user based on the IP address untill the surrogate timeout (default value is 1 hour).

For share machine, would recommend to use cookie surrogate (session) therefore if different user log in to the same machine that has same IP address, WSA will still getting the correct user credentials information from the browser cookie that contains those info back to WSA.

However note, if you are using cookie based surrogate, you will need to configure the redirect hostname (single word hostname) and that hostname will need to have DNS entry to be resolvable to your WSA data IP address (GUI -> Network -> Authentication -> Authentication Settings -> Redirect Hostname)

WSA Different Access Policies in same Computer.