Back=right mouse click.
For improved performance, IWSVA caches the IP address for LDAP User ID and Group relationships. This cache applies the previously authenticated User IDs to future connections originating from the same IP for as long as is specified in the cache setting. The default value is 1.5 hours.
This relationship is not supported for certain network configurations though, namely a downstream proxy. You need to disable ID Cache for the following network configurations:
client > proxy > IWSVA
client > ICAP > IWSVA
client > firewall > IWSVA
In these configurations, the User's unique IP address would be masked if this feature were enabled—IWSVA sees only the downstream proxy rather than the originating client.
Warning: Do NOT disable user ID cache when IWSVA is in transparent mode.
Login IWSVA CLI interface and change to enable mode.
Type the following command:
configure module ldap ipuser_cache disable
ip_user_central_cache_interval—Specifies the duration for which the IP address / User ID remains valid. The default value is 1.5 hours.
user_groups_central_cache_interval—Specifies the duration for which the User / Group relationship remains cached. The default value is 48 hours. Decrease this value if your group relationships often change.
Proxy Scan Settings