https://live.paloaltonetworks.com/t5/advanced-threat-prevention/connections-firewall-to-ldap/m-p/287008#M639 <P>Thanks for your answer</P><P>&nbsp;</P><P>Global Protect</P><P>&nbsp;</P><P>Regards</P> Fri, 06 Sep 2019 15:24:02 GMT ricardo.alarcon 2019-09-06T15:24:02Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/connections-firewall-to-ldap/m-p/286206#M635 <P>Hello, i need your help. Iwould like to know how the ildap connection woks. Why are there connections between the PAN directly to the pc and does not go through the AD server?</P><P>Is this behavior normal?</P><P>The security departament says it´s not normal or they don´t understand</P><P>&nbsp;</P><P>Thanks for your help</P> Mon, 02 Sep 2019 16:13:26 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/connections-firewall-to-ldap/m-p/286206#M635 ricardo.alarcon 2019-09-02T16:13:26Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/connections-firewall-to-ldap/m-p/286276#M636 <P>It depends on which interface you are using to eastablish LDAP connection by deafult it uses mgmt.</P><P>&nbsp;it uses TCP 139 you need to create security policy to allow traffic</P><P>&nbsp;</P><P>run below command to check status</P><P>show user group-mapping state all</P><P>below are some useful resource.</P><P>&nbsp;</P><P><A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGnCAK" target="_blank">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGnCAK</A></P><P><A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGOCA0" target="_blank">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGOCA0</A></P><P>&nbsp;</P><P>&nbsp;</P> Tue, 03 Sep 2019 10:19:26 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/connections-firewall-to-ldap/m-p/286276#M636 fatboy1607 2019-09-03T10:19:26Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/connections-firewall-to-ldap/m-p/286313#M637 <P>Thanks for the answer, but what I need to know is. why does PAN connect directly to the pc? it should connect to AD server and AD connect to pc. it is understood? excuse my english, it's not good</P><P>the logs show PAN connections with all the pc. it should be the connection of PAN with server AD and server AD with the pc</P> Tue, 03 Sep 2019 13:37:47 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/connections-firewall-to-ldap/m-p/286313#M637 ricardo.alarcon 2019-09-03T13:37:47Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/connections-firewall-to-ldap/m-p/286863#M638 <P>OK please tell us why are you using LDAP ?&nbsp; for firewall admin authentication or global protect client authentication or anything else ?</P><P>&nbsp;</P><P>&nbsp;</P> Fri, 06 Sep 2019 05:41:40 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/connections-firewall-to-ldap/m-p/286863#M638 fatboy1607 2019-09-06T05:41:40Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/connections-firewall-to-ldap/m-p/287008#M639 <P>Thanks for your answer</P><P>&nbsp;</P><P>Global Protect</P><P>&nbsp;</P><P>Regards</P> Fri, 06 Sep 2019 15:24:02 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/connections-firewall-to-ldap/m-p/287008#M639 ricardo.alarcon 2019-09-06T15:24:02Z