https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-ldap-users-have-conflict-session-accessing/m-p/323209#M33 <P><SPAN>"You also say you're logged into</SPAN><SPAN>&nbsp;both machine and file sharing using domain\administrator. and then its changing source user to all network."</SPAN></P><P>&nbsp;</P><P><SPAN>Yes, exactly. as you can see on the capture as attached.</SPAN></P><P>&nbsp;</P><P><SPAN>i wonder, can i solve this issue by implementing agent mode ?</SPAN></P> Thu, 16 Apr 2020 16:24:36 GMT TowerBersamaGroup 2020-04-16T16:24:36Z https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-ldap-users-have-conflict-session-accessing/m-p/322601#M19 <P>Hi All,</P><P>&nbsp;</P><P>I have setup global protect authenticated by LDAP. Before i started, here is my running version:</P><P>- PA Firmware : 8.1.5</P><P>- GP Version &nbsp;: 5.0.0</P><P>I found odd issue with global protect ldap authenticated user who accessing the private network.</P><P>&nbsp;</P><P>I have logged in global protect with ldap authentication, let's say its "domain\user1". i want to access file sharing network and it's required domain authentication, i authenticated using "domain\administrator". Oddly, my connection is suddenly dropped. i checked on monitoring traffic log, queried by my 'source ip' and it showed that my log traffic changing from "domain\user1" to "domain\administrator" and its affected to change my initial authenticated login global protect with accessing other network. For example, previously (source user "domain\user1" global protect source-ip 172.10.1.63 destination-ip 10.10.1.100) after i authenticated my domain account to access the file server the traffic change to (source user "domain\administrator" global protect source-ip 172.10.1.63 destination-ip 10.10.1.100) it caused the connection dropped because the user is not listed or allowed in the policy.</P><P>&nbsp;</P><P>kindly need help assistance to this problem, have anyone had the similar issue with global protect and ldap ?</P><P>&nbsp;</P><P>any kind of help will be appreciated.</P><P>&nbsp;</P><P>Best Regards,</P><P>quay</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 14 Apr 2020 06:19:08 GMT https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-ldap-users-have-conflict-session-accessing/m-p/322601#M19 TowerBersamaGroup 2020-04-14T06:19:08Z https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-ldap-users-have-conflict-session-accessing/m-p/322777#M21 <P>Hi Quay,</P><P>&nbsp;</P><P>Did you log onto the machine using domain\user1 and then logged into File sharing network as domain\administrator or did you log onto machine using domain\administrator account later on? Please clarify.</P> Wed, 15 Apr 2020 00:19:41 GMT https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-ldap-users-have-conflict-session-accessing/m-p/322777#M21 vathreya 2020-04-15T00:19:41Z https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-ldap-users-have-conflict-session-accessing/m-p/322798#M22 <P>Hi Vathreya,</P><P>&nbsp;</P><P>Thanks for your reply, i logged on to both machine and filesharing using domain\administrator. and then its changing source user to all network i accessed to.</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="gp-user.jpg" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/25169i7865B1714BD636D4/image-size/large/is-moderation-mode/true?v=v2&amp;px=999" role="button" title="gp-user.jpg" alt="gp-user.jpg" /></span><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="gp-traffic.jpg" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/25170i81E75E2C1F951DB5/image-size/large/is-moderation-mode/true?v=v2&amp;px=999" role="button" title="gp-traffic.jpg" alt="gp-traffic.jpg" /></span></P> Wed, 15 Apr 2020 03:50:23 GMT https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-ldap-users-have-conflict-session-accessing/m-p/322798#M22 TowerBersamaGroup 2020-04-15T03:50:23Z https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-ldap-users-have-conflict-session-accessing/m-p/323013#M27 <P>Hi Quay,</P><P>&nbsp;</P><P>I still don't quite follow what you're saying:&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>I have logged in global protect with ldap authentication, let's say its "domain\user1". i want to access file sharing network and it's required domain authentication, i authenticated using "domain\administrator". Oddly, my connection is suddenly dropped. i checked on monitoring traffic log, queried by my 'source ip' and it showed that my log traffic changing from "domain\user1" to "domain\administrator" and its affected to change my initial authenticated login global protect with accessing other network. For example, previously (source user "domain\user1" global protect source-ip 172.10.1.63 destination-ip 10.10.1.100) after i authenticated my domain account to access the file server the traffic change to (source user "domain\administrator" global protect source-ip 172.10.1.63 destination-ip 10.10.1.100) it caused the connection dropped because the user is not listed or allowed in the policy.</P><P>&nbsp;</P><P>&nbsp;</P><P>You also say you're logged into<SPAN>&nbsp;both machine and filesharing using domain\administrator. and then its changing source user to all network.&nbsp;</SPAN></P><P>&nbsp;</P><P><SPAN>Did you initially log in as domain\user 1 onto the machine, and then switched user to domain\administrator?</SPAN></P><P>&nbsp;</P><P>&nbsp;</P><P><SPAN>Regards,</SPAN></P><P><SPAN>Varun</SPAN></P> Wed, 15 Apr 2020 23:02:41 GMT https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-ldap-users-have-conflict-session-accessing/m-p/323013#M27 vathreya 2020-04-15T23:02:41Z https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-ldap-users-have-conflict-session-accessing/m-p/323209#M33 <P><SPAN>"You also say you're logged into</SPAN><SPAN>&nbsp;both machine and file sharing using domain\administrator. and then its changing source user to all network."</SPAN></P><P>&nbsp;</P><P><SPAN>Yes, exactly. as you can see on the capture as attached.</SPAN></P><P>&nbsp;</P><P><SPAN>i wonder, can i solve this issue by implementing agent mode ?</SPAN></P> Thu, 16 Apr 2020 16:24:36 GMT https://live.paloaltonetworks.com/t5/globalprotect-discussions/global-protect-ldap-users-have-conflict-session-accessing/m-p/323209#M33 TowerBersamaGroup 2020-04-16T16:24:36Z