[IAG] After enabling access proxy decryption, the customer’s dacs workspace software cannot access the intranet
Problem Description
After enabling access proxy decryption, the customer's dacs workspace software cannot access the intranet
Effective troubleshooting steps
- The current other party's software found that the traffic was accessed by the decryption proxy and could not be accessed. Adding the corresponding intranet IP in the decryption exclusion policy still cannot be accessed normally.
- Coordinate with R&D to investigate and find that after eliminating the problem, the traffic is still allowed to Ingress Client proxy, and the other party's software access is abnormal due to the conflict between us and the other party.
- The current research and development will use the private network address of the intranet (A/B/C private network address completely excludes the decryption proxy) normally
solution
Upgrade optimization package KB-AC-20230920-335-01 to solve
Operation Impact Scope
This optimization package excludes all traffic with the target address being a private network address of class ABC from being decrypted. Please pay attention to communicating with customers. Upgrading the optimization package will not affect business.
Original Link
https://support.sangfor.com.cn/cases/list?product_id=22&type=1&category_id=24497&isOpen=true