All user session details (i.e., IP address, username, user bookmarks etc.) will be cached on the Pulse Connect Secure (PCS) local node Authentication server.
To access/view the username cache details, access Authentication > Auth. Server > Select the Auth server > Users.
Users who log into a PCS cluster are local users of the node they logged in to. Through the session synchronization settings, user sessions can be synced from the local node to non-local nodes.
To access/view the session synchronization settings, access System > Clustering > Cluster Properties > Synchronization Settings.
Once the user logs out from an active session, the non-local node will delete the user session after 15 mins (approx). The following log entry will be displayed on the non-local node:
|User Accounts modified. Removed username xxxx from authentication server.|
To access/view the log entry details, access Logs/Monitoring > Admin Access Log.
Since the PCS is configured in a cluster, the data will be synced between the nodes. The synchronization will cause the user session of the logged-out user to be deleted on the local node. When a new user logs in, that user will be assigned the same IP address as the logged-out user.
This behavior is expected and is working as designed in a cluster (A/P or A/A) environment only. For a standalone setup, the IP is cached for 24 hours.
Example: Consider a scenario where User1 connects to node1 and disconnects. After 15 minutes, User2 connects to node1.
User1 connects to node 1.
User1 will get IP address from the IP pool/DHCP configured.
By default, session synchronization is enabled when the cluster is created, so node1 will try to sync the session details (i.e., IP address, username etc.) to node2.
User1 logs out of his/her session.
An internal clean up script clears the non-local users cache on node2 within 15 minutes (approx).
Once the clean up script is executed, the below log entry will appear on the admin access log of node2.
|"User Accounts modified. Removed username xxxx from authentication server."|
Through cluster data synchronization, the deletion of User1's details will be synced to node1.
When a new user, User2, logs into node1/node2, User2 will be assigned the same IP address (since the cache details were deleted).
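Because the same address passes from User1 to User2 shortly after logout, attributing activity to a user requires the session time as well as the IP. The following is an added example, not Pulse Secure code or PCS log output: the session records, their field layout, the function names and the one-hour review window are all constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample records: (user, assigned IP, login, logout).
# This layout is an assumption for the example, not a PCS export format.
SESSIONS = [
    ("User1", "10.10.1.20", "2024-01-10 09:00", "2024-01-10 09:40"),
    ("User2", "10.10.1.20", "2024-01-10 09:58", "2024-01-10 11:15"),
    ("User3", "10.10.1.21", "2024-01-10 09:05", "2024-01-10 10:00"),
    ("User1", "10.10.1.22", "2024-01-10 12:00", None),  # still active
]
FMT = "%Y-%m-%d %H:%M"

def _parse(ts):
    return datetime.strptime(ts, FMT) if ts else None

def load(sessions):
    """Normalise records to (user, ip, start, end), sorted by login time."""
    rows = [(u, ip, _parse(s), _parse(e)) for u, ip, s, e in sessions]
    return sorted(rows, key=lambda r: r[2])

def user_for_ip(rows, ip, when):
    """Return the user who held `ip` at time `when`, or None if unassigned."""
    t = _parse(when)
    for user, addr, start, end in rows:
        if addr == ip and start <= t and (end is None or t < end):
            return user
    return None

def ip_handovers(rows, window=timedelta(hours=1)):
    """Find IPs reassigned to a different user within `window` of a logout.

    `window` is an arbitrary review threshold chosen for this example.
    Returns a list of (ip, previous_user, next_user, gap).
    """
    last = {}   # ip -> (user, logout time) of the most recent session
    found = []
    for user, ip, start, end in rows:
        prev = last.get(ip)
        if prev and prev[0] != user and prev[1] is not None:
            gap = start - prev[1]
            if timedelta(0) <= gap <= window:
                found.append((ip, prev[0], user, gap))
        last[ip] = (user, end)
    return found

if __name__ == "__main__":
    rows = load(SESSIONS)
    for ip, old, new, gap in ip_handovers(rows):
        print(f"{ip}: {old} -> {new} after {gap}")
```

Events that fall in the gap between the two sessions resolve to no user, so they are not attributed to either account by mistake.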