Version: MA2.10-7147 (independent of version)
Symptom: Some site tests internal web authentication service. First they do not configure heartbeat check. Client clicks logoff and users can be offline normally. But if client directly closes IE window, MA5200F does not perceive users has been offline. In order to solve the problem, configure heartbeat time as ten seconds at MA5200F. When users pass authentication, ten minutes later they will change over domain before authentication. Change heartbeat time as 5, 15 or 20 seconds. It is still problematic.
1. Capture packets at client. Find that the interval of sending heartbeat packets is 30 seconds no matter how MA5200F configures the interval.
2. Check source file of authentication succeeds page and the heartbeat is 30 seconds.
3. Change heartbeat interval more than 30 seconds at MA5200F, Test it and the problem is solved.
For internal Web authentication, MA5200F check online users through heartbeat packets. If the equipment does not receive heartbeat packets from client within designated time, users will be changed over domain before authentication. The interval of sending heartbeat packets is designated one in source file of authentication succeeds page and default is 30 seconds. When the interval at MA5200Fdoes not reach 30 seconds and client does not send heartbeat packets, MA5200F recognizes users timeout and offline and changed users over domain before authentication.
There are other ways. Change the interval of the source file of Web authentication page. As long as the interval is less than that designated at MA5200F. Generally, change source file. If the interval is designated too little, users and MA5200F will have many heartbeat packets when internal Web authenticates many users and it also influences normal service.