|Applies To||Windows 7 agent|
Does the IP shown in the IP address override actually matter? Yes, for initial authentication it is used in the encryption algorithm so should match the Authentication Agent Primary Address. For Agent Auto-Registration it controls which IP is presented to Authentication Manager
Let me explain in more detail:
- As users move around they will connect to the network and obtain different IP address from DHCP
- our DNS server manages these network changes and matches the device ID to the IP address
- in some cases, when the PC connects to a different network (obtaining a different ip address), RSA will not recognize the change. For example, if a laptop is connected to network via VPN it will obtain an address like 184.108.40.206. If it then connects here at spruce grove it will then obtain an address like 192.168.37.20. However in RSA Client the IP address will remain stuck at 220.127.116.11, therefore if you try authenticating to the RSA server it will fail.
- As I indicated earlier, with RSA 6.13 for XP you could go into the setting and change the ip to be the correct current ip address.
- I should point out that all other network parameters are working, i.e. I can ping the WS with the DNS name, I can remote into the WS with support account, just RSA authentication fails due to incorrect determined network address.
|Issue||IP address override setting in the RSA Windows Agent Security Center or Control Center is grayed out|
Offline data downloads fail
|Cause||Windows Agents were configured with just a short name, so they auto-registered as AM agents with the short name, but DNA name resolution adds DSN suffix or Domain info to create a Fully Qualified Domain Name, FQDN. This causes problems when DHCP assigns a different IP address|
The IP address override is grayed out because Agent is using Agent Auto-registration. You do not want something hardcoded here that differs from the DHCP address, so the Agent software updates this and prevents even administrators from changing it.
|Resolution||An alternate ?fix? or workaround. Add the correct Domain suffix to this Workstation, because it has been configured by short name, but DNS has the FQDN. So when the IP address changes, the agent requests to register by Short name, but Name resolution is tied to FQDN.|
|Legacy Article ID||a62706|