This issue occurs because UserID Caching is disabled. This causes some packets to be dropped due to LDAP AD communication timeouts. By default, UserID Caching is disabled in IWSVA.
To address this issue, enable UserID Caching using the steps below:
- Look for and open the intscan.ini file using a text editor.
- Look for the following parameter and change its value to "yes" to enable cache.
enable_ip_user_cache
- Save and close the intscan.ini file.
- Execute the following commands to restart the HTTP daemon:
#/etc/iscan/S99ISproxy stop
#/etc/iscan/S99ISproxy start
If you do not want to enable UserID Caching, you can add the URL(s) to the Global Trusted List to bypass the LDAP authentication when accessing the site. To do this:
- Log in to the IWSVA web console.
- Go to HTTP > URL Access Control > Global Trusted URLs
- Select the Enable Trusted URLs checkbox.
- Type in the following in the Match field:
http://www.domain.com/
- Click Trust to add the URL to the list.
- Click Save for the changes to take effect.