janhosselaer
Contributor

Connectors in outbound mode and load-balanced IDM appliances

Hi all,

I have 3 IDM appliances set up in the DMZ behind a load balancer. Two connectors in outbound-only mode are set up in the internal network for AD and RADIUS authentication. Everything is working fine with only 1 IDM appliance active behind the load balancer. Users are able to authenticate and log on to their applications.

The problem arises as soon as I activate the 2 other IDM appliances. Then users get the message that the connectors cannot be reached.

Has anyone seen this error?

Sticky sessions, x-forwarded-for and web sockets are configured on the load balancer.

I don't completely understand what the communication flow is. In a way, I think it is logical that the concept is not working.

For example: when a user logs on to the portal, the load balancer will send the request for example to idm01.

The 2 internal connectors, which are outbound-only, have an SSL connection open with idm03 (the load balancer sent their request to idm03). If idm01 now has an authentication request, it will never get an answer from the internal connectors. Hence the error.

Am I missing something?
