[IAG] Click on the IAG built-in data center, and you will enter the firewall built-in data center
Problem Description
The customer called and said that after logging into the IAG, he clicked on the IAG's built-in data center and ended up entering the firewall's built-in data center.
Process——
- Confirm whether the customer is accessing the intranet or the extranet. The result is accessing through the extranet.
- Confirm whether the export device is a firewall device. The result is that the export device is a firewall device.
- Check whether the IAG version is before 11.X or after 11.X. The IAG version is IAG6.1.
- Check whether the IAG built-in data center port mapping is done on the firewall. The result is that it is not done.
Root cause
Because the port used by the built-in data center in versions before IAG6.X is port 85, which is exactly the same as the built-in data center port of the firewall. If port mapping is not done, external network access to the IAG built-in data center will jump to the AF built-in data center.
solution
Just map port 85 to IAG on the firewall.
Original Link
https://support.sangfor.com.cn/cases/list?product_id=22&type=1&category_id=6454&isOpen=true