Affects product
- Airlock Gateway
Although everything seems to be configured correctly, Back-side Kerberos SSO does not work. A deeper analysis of the network is required to see which packets are sent and received by Airlock Gateway.
The Techzone article (Ergon) Techzone - Tcpdump describes how to record a tcpdump on Airlock Gateway.
Ensure that Airlock Gateway is configured to record the SSL keys as well, in order to decrypt the SSL/TLS traffic later on. Otherwise, an analysis might be impossible.
WR-SG-CONNTRACE
log message to the corresponding packets in the tcpdump.KRB5KRB_ERR_GENERIC
are in the tcpdump could indicate a timing synchronization.In case of outdated links or bad content, please let us know by sending an email with a short description of your findings. Thank you very much!