Issue:
We're running a Web Agent on IIS, and when we request a resource, we don't get it in the browser and the Web Agent reports the error :
[04/03/2018][10:37:26][1896][5652][CSmHighLevelAgent.cpp:321][ProcessRequest][0000000000000000000000005e7a320a-0768-5ac34b56-1614-00a84ae1][][][][][][Start new request.]
[04/03/2018][10:37:26][1896][5652][CSmResourceManager.cpp:75][CSmResourceManager::ProcessResource][0000000000000000000000005e7a320a-0768-5ac34b56-1614-00a84ae1][][][][][][Calling SM_WAF_HTTP_PLUGIN->ProcessResource.]
[04/03/2018][10:37:26][1896][5652][CSmResourceManager.cpp:94][CSmResourceManager::ProcessResource][0000000000000000000000005e7a320a-0768-5ac34b56-1614-00a84ae1][][][][][][SM_WAF_HTTP_PLUGIN->ProcessResource returned SmExit.]
[04/03/2018][10:37:26][1896][5652][CSmResourceManager.cpp:160][CSmResourceManager::ProcessResource][0000000000000000000000005e7a320a-0768-5ac34b56-1614-00a84ae1][][][][][][Plugins did not collect required resource data.]
[04/03/2018][10:37:26][1896][5652][CSmHighLevelAgent.cpp:348][ProcessRequest][0000000000000000000000005e7a320a-0768-5ac34b56-1614-00a84ae1][][][][][][ResourceManager returned SmExit, end new request.]
[04/03/2018][10:37:26][1896][2196][CSmHighLevelAgent.cpp:321][ProcessRequest][0000000000000000000000005e7a320a-0768-5ac34b56-0894-00a83d6c][][][][][][Start new request.]
[04/03/2018][10:37:26][1896][5652][CSmLowLevelAgent.cpp:3567][ReportHealthData][][][][][][][Accumulating HealthMonitorCtxt.]
Our Web Agent has a firewall in front which does NAT addresses translation. How can we solve this?
Resolution:
In Web Agent ACO, set DisableDNSLookup to yes.
This parameter will disable DNS lookup for all request. You can safely do this as it will also prevent DOS attack as stated by the documentation :
DisableDNSLookup No
Specifies whether to disable DNS lookups to help prevent DNS denial of service attacks. See Help Prevent DNS DOS Attacks.
Pay attention that the syntax of the parameter is correct :
Web Agent :: ACO : DisableDNSLookup Syntax
https://comm.support.ca.com/kb/web-agent-aco-disablednslookup-syntax/kb000050592
List of Agent Configuration Parameters
https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/configuring/web-agent-configuration/list-of-agent-configuration-parameters
KB : KB000076231