Unified Agent redirects or connects to wrong datacenter
search cancel

Unified Agent redirects or connects to wrong datacenter


Article ID: 165553


Updated On:


Cloud Secure Web Gateway - Cloud SWG


On the client system, localized services such as Google or Yahoo connect to the wrong country.  In addition, you may be experiencing slow connection speeds.


Unified Agent connects to ThreatPulse datapod, which discovers from where you are connected. For example, if your Unified Agent instance connects from the UK external facing DNS server, it connects to the web from one of the UK region datacenters. If your configured external facing DNS (typically your ISP DNS) does not pair with your location, you might connect to the web from another country's datacenter IP address.


To verify, follow these steps:

1. From a test PC, disconnect/bypass from Unified Agent.

a. Go to http://test.threatpulse.com/ and to determine to connection location (not protected).

b. Go to http://www.geoiptool.com/ and see what is the external facing IP address

2. Use NSLOOKUP to resolve the following URLs (connected/disconnected).

  •   whoami.akamai.com - This usually resolves to your configured primary external facing DNS IP address.
  •   proxy.threatpulse.com - This resolves to the target datapod IP address.

3. If item #1 and #2 indicates that you are not exactly where you are physically located, you most likely require another DNS server to configure with your machines; repeat the above steps.

Verify these IP addresses (for its region/country) by visiting http://www.geoiptool.com/ .

NOTE: Symantec has no control of ISP DNS and their published locations nor how they decide to route the traffic from region to region, which might result in off-location. Contact your ISP for off-location DNS.