PAM Proxy Behavior in Dual NIC System
search cancel

PAM Proxy Behavior in Dual NIC System


Article ID: 191110


Updated On:


CA Privileged Access Manager (PAM) CA Privileged Access Manager - Cloakware Password Authority (PA) CA Privileged Access Manager - Server Control (PAMSC)


If a system has a setup of dual NIC installed and both are active, which NIC gets registered when the Proxy Service is turned on?


Release : 3.3



When the PAM Proxy starts up for the first time it registers with the PAM appliances which are configured in its cspm_client_config.xml

In this initial heartbeat various information about the host the Proxy runs on are transmitted.

In the PAM appliance an object for the Proxy host is being generated based on the heartbeat's payload and the IP address it came from.

Once registered, there is no way to change the IP address the PAM appliance communicates with the Proxy.

If the Proxy runs on a multi-homed box and several routes are available to the PAM appliance, the heartbeat is sent via the route with the least cost, according to the host's routing table.
The source IP of this route determines the IP address of the object for this Proxy in PAM.