I am looking into why a client is unable to access a resource on one controller that he is able to access on a different local controller. I verified that he has the same role on both controllers. I monitored his session on both controllers and am seeing him get denied on one of them. The firewall policy that should allow him access includes a netdestination with named entries. Both controllers have DNS servers specified and include "ip domain lookup". Both controllers can ping the named entry in the netdestination. The only difference I can see is one controller is a 3600 and the other a 3200XM.
It appears as though the 3200XM isn't working with named entries in netdestinations. I am working up a test today to confirm this is the case, but wanted to throw it out there to see if anyone has seen this before. And to confirm, only a DNS server and "ip domain lookup" are required for named entries, right?
#3600