Account lock out issue
Hello folks,
I am a newbie and trying to help a user to troubleshoot his lock out issue. The details explanation for this goes ...
We have an ADFS VIP running on port 443 and 49443 set up through iAPP. It has X-forwarded for and insert_x-ms-forwarded-client-IP_NEWLOGIC iRules in place. The issue is a user is getting locked out every 10 minutes and we are trying to trace out the real server on which he is connecting to. The VIP is configured on Automap as a Source Address Translation. The traffic hits the Azure proxy server and then comes to ADFS VIP and then it goes to the real server. Can anyone suggest how can we find which server is serving the request for that particular user? We did try TCPdump and it mentions the connection from the floater IP to the real server but, then how can we find out that particular user's traffic? Any input will be appreciated.
TIA..