An office finishes installation of Secospace TSM, and does the test. Find that client can access to post-authentication domain whether it is authenticated or not authenticated. The access control is disabled.
1. Checked the status of server by using command “display right-manager server-group”, the result is active. So the cooperation is successful.
2. Checked the configuration, ACL 3099 applied in domain.
3. Checked the dialog table, and found that data go through SACG.
4. Used command “display acl 3099”, and found emergency channel is open. Checked again and found “right-manager server-group active-num 2”, but user had 1 PC, delete this setting, and problem is solved.
1. Failed to cooperation with SACG
2. In post-authentication domain, ACL 3099 didn’t apply.
3. Policy routing is disabled, so user data didn’t go through SACG.
Command “right-manager server-group active-num” is the minimum number of TSM server which connected with USG. When active server is less than this number, SACG would open emergency channel.