About the IDex client

The IDex client is responsible for user identification as part of the IDex solution that identifies users in a wide variety of wide-area networks where link speed and reliability cannot be guaranteed at the level that you want. It's a miniature local proxy that you install on Windows-based devices that provides identification of each outgoing web request in terms of the user on the device making that request. It means that multiple users can be logged in at a single station, without the conflict of who’s doing what because each connection is individually identified.

You should only use the IDex client in place of an Active Directory (AD) on networks where connectivity to the AD from the Smoothwall Filter is difficult or on a low-bandwidth link, such as widely distributed education networks or VPN/L2TP-connected satellite office topologies. We don't recommend that you use the IDex client on remote devices, where connectivity to web filter is via the Internet, or for web traffic automatic filtering from applications that don't or can't use explicit proxy settings. The IDex client uses a similar technology to the Connect Filter but no authentication takes place. The user's and group's membership details are carried to the Smoothwall Filter and trusted implicitly.

You should only use the IDex client in trusted networks. Therefore, you can only select internal (Basic) interfaces. If you need external connectivity, for example, for those devices taken and used off-site, or remote connected devices, we recommend that you use Connect Filter.

If your Smoothwall Filter uses a load balancer, you can use the virtual IP address assigned to the service as an IDex client interface. You can configure such addresses on the Settings page (see our help topic, Configuring the web proxy) before they can be used in the Connect Filter or IDex Client page.

All interfaces configured on your Smoothwall are available for use with the IDex client by default, but you must turn them on. New interfaces configured for use with Connect Filter are given an active state by default and you can turn off interfaces temporarily, without removing them from the configuration. The IDex client writes any connection errors to the Application event log of the Windows-based device. Log entries are prefixed with IDexClient.

Troubleshooting

IDex is very simplistic and there is very little information to troubleshoot. Basic troubleshooting information is available in the appropriate system log pertaining to connection errors. Errors from IDex itself are recorded in the Windows Event log in the Application log section under the identifier IDexClient.

Performance issues

If you experience lack of performance, you can disable the IDex Inspection Driver by setting the DriverMode registry setting to Off.

Interactivity with third-party software

If you encounter a problem when trying to use the IDex client with third-party software, force the IDex Inspection Driver by setting the DriverMode registry setting to On.

Failure to connect

This might be because you are using software like Microsoft's DirectAccess that uses HTTPs to establish tunnels back to the corporate network on some systems. To fix this, exclude the tunnel's endpoint from the proxy configuration. For example, the external IP/host configured in the DirectAccess Server configuration.

In a multi-tenant setup, make sure that the internal IPv4 address of the DirectAccess server is part of the tenant configuration so that the correct web filter policies are applied. An IP address cannot be in more than one tenant.

Note: You can't install Connect Filter and IDex client together on the same device.