topic Re: LDAP User based policy not working in Next-Generation Firewall Discussions

LDAP User based policy not working

ArunKumar7 — Wed, 13 Mar 2024 08:10:51 GMT

Essentially, I aim to enable users to access the internet after being prompted with a captive portal and entering their LDAP username and password. Each user should have a separate policy. I have configured the LDAP server, portal, and other settings, but after entering credentials on the captive portal login page, the internet page does not load.

My policy is set to allow any to any with the source user as the AD username. However, if I set the source user as "Any," then I am able to access the internet. Why is the internet not working when the source is set as an LDAP user? Can anyone provide assistance with this issue?

Re: LDAP User based policy not working

reaper — Wed, 13 Mar 2024 10:49:47 GMT

what is the format you use in your security rule to identify the user (upn, san,...) and how are they actually mapped (show user ip-user-mapping all)

the captured username needs to match the username in the security rule

Re: LDAP User based policy not working

ArunKumar7 — Thu, 14 Mar 2024 04:29:50 GMT

Yeah, fixed the issue.
Policy was not matching because of the username mismatch in the policy vs captive portal input username.