Before configuring LDAP authentication on IWSVA deployed in transparent
mode (bridge and WCCP), review the following criteria to ensure each item
is fully met.
A valid hostname must be assigned
in the Deployment Wizard when configuring Transparent Bridge or WCCP modes.
The same hostname must also be entered in the corporate DNS server.
Ensure that the user ID cache is
enabled. By default, this is enabled. If it has been disabled for any
reason, it must re-enabled before enabling transparent mode authentication.
You can enable user ID cache using the configure
module ldap ipuser_cache enable command in the CLI.
By default, IWSVA keeps user ID
cache information for up to 1.5 hours. If you need to lower the cache
time out value, use the configure
module ldap ipuser_cache
<interval> command in the CLI to set a shorter cache interval.
If authentication is enabled, IWSVA
will block all non-browser applications trying to access the Internet.
For example, the MSN application might try to access the Internet before
the user has a chance to log in the IWSVA server. If this happens, the
application will be blocked as the user has not successfully authenticated
to IWSVA. You can perform one of the following: