
PAM ACL is not working when going through LB


Article ID: 257944


Products

CA Privileged Access Manager (PAM)

Issue/Introduction

A PAM admin is using PAM through a NetScaler load balancer successfully. With the NetScaler configured for ssl-passthrough, everything works fine.

However, when they use a Gateway on their desktop, their ACL for allowed access into PAM stops working. The reason is that only the NetScaler's IP address comes back as the source address, and that address is blocked.

If they go directly to a PAM Appliance it works fine.

Environment

Release : 4.1.1

Resolution

Citrix NetScaler has a setting called USIP (Use Source IP), which was not enabled on their NetScaler LB. Enabling it preserves the source IP of the original PAM client, so the PAM ACL can match on it.
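
The NetScaler CLI commands for checking and enabling USIP, as an added example that is not part of the original article. `svc_pam_443` and `sg_pam` are placeholder object names, not values from this case.

```netscaler
# Added example. svc_pam_443 and sg_pam are placeholder names (assumptions),
# not objects from the environment described in this article.

# Check whether USIP is enabled globally
show ns mode

# Enable USIP globally (applies to services created afterwards)
enable ns mode USIP

# Enable USIP on an existing service that fronts the PAM appliances
set service svc_pam_443 -usip YES

# Or, if the PAM appliances are bound through a service group
set serviceGroup sg_pam -usip YES

# Confirm the setting on the service
show service svc_pam_443
```

With USIP on, the PAM appliances see the client's own address, so their return traffic has to route back through the NetScaler, and the PAM ACL must list the client addresses rather than the load balancer's.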