- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
07-04-2019 12:02 AM
Hi Team,
I am having an query regarding the Captive Portal issue. Herewith, I have network flow diagram to understand better on the scenario.
Network Schema:
**** Both end Firewall are of same device Palo Alto only.
=> From Head Office Firewall, we are able to reach the AD Server residing on Data Center Firewall without any issues. However while I am checking the status on Server Status it is showing as " Connection Timed Out".
=> Credentials that we have given to authenticate the server is under the administrator role for the AD Server.
=> Due to this User-IP-Mapping is not happening on the Head Office Firewall. So we need to sort of the Connection Timed Out problem of that AD Server.
So please share us your inputs for the same on how to resolve this issue and i am eagerly waiting for an update on this regards. Thanks in advance !!
Best Regards,
Sahul Hameed
07-04-2019 07:52 PM
Was this working previously or is it a new setup? You'll want to ensure that you have granted the user permissions to Event Log Readers, Server Operators, and Distributed COM Users to actually be able function correctly.
07-04-2019 09:56 PM
Thanks for your response !!
This is not a new setup, it was previously worked as expected however suddenly it is not working for the past 3 days.
Yes, I have verified all the user level permission is added for the service user which is used under WMI Credentials.
Please let me know if you have any additional query in order to find a solution on this issue. Thanks in advance !!
Best Regards,
Sahul Hameed
07-05-2019 07:22 AM
If that's the case I would reach out to TAC so that they can take an in-depth look at the useridd.log file and see if it gives any additional information as to why the connection isn't functional, such as a stat_tls_s return error or something of the sort. It could also be worth simply restarting the management server if you haven't already done so to cycle the associated processes.
07-05-2019 08:06 AM - edited 07-05-2019 08:07 AM
Thanks for your suggestion, I will give it a try by restarting the Management server and see if that help us in this scenario.
Best Regards,
Sahil Hameed
07-05-2019 10:11 AM
Hello,
Also check the logs to see where you are getting dropped. By default the PAN will use the management interface to communicate with the agents.
Regards,
07-13-2019 12:37 AM
I have tried restarting the Management Server but unfortunately that doesn't help in this scenario.
Sure, I will check on this as well and let you know with an update.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!