[IAG] Access to an intranet server without going through IAG was blocked by IAG, and will be restored after going through directly
Problem Description
Access to an intranet server that does not go through IAG is blocked by IAG, and will be restored after IAG is connected directly
Effective troubleshooting steps
- Through-through test confirms that it works normally after enabling through-through
- After receiving customer feedback, a link will pop up first, and then a rejection page will pop up.
- Combining the phenomenon and customer strategy, the user matches the full rejection strategy, and the positioning is that the domain name detected by the browser is intercepted.
- After opening the detection domain name of the browser through the custom URL of the fault monitoring center, it works normally
Root cause
The browser automatically initiates a network probe before accessing the intranet server. Because the ac intercepts the network probe, the browser cannot access the service normally.
solution
The custom URL is normal after the browser detects the domain name
Original Link
https://support.sangfor.com.cn/cases/list?product_id=22&type=1&category_id=25353&isOpen=true