https://live.paloaltonetworks.com/t5/general-topics/using-local-user-database-in-security-rules/m-p/35872#M26365 <HTML><HEAD></HEAD><BODY><P>I know about the issues of using local user groups in these security rules. I have tried to use them but with no success. Because I did not have a specific requirement for this, i did not go further, but I know that they may not work correctly. <BR />Defining the users one-by-one will work, but I think that they need to be also placed to the "additional users" field one by one.</P><P></P><P>George</P></BODY></HTML> Mon, 29 Nov 2010 12:56:09 GMT ggoudr 2010-11-29T12:56:09Z https://live.paloaltonetworks.com/t5/general-topics/using-local-user-database-in-security-rules/m-p/35869#M26362 <HTML><HEAD></HEAD><BODY><P>Dear all,</P><P><BR />Can a user defined in the local user database to be used on security policies?</P><P></P><P>What we need to deploy is that when a user authenticates via SSL VPN (using the local user database) to be able to apply security policies based on this specific username.</P><P></P><P>Regards,</P><P></P><P>George Goundras</P></BODY></HTML> Mon, 22 Nov 2010 08:51:26 GMT https://live.paloaltonetworks.com/t5/general-topics/using-local-user-database-in-security-rules/m-p/35869#M26362 ggoudr 2010-11-22T08:51:26Z https://live.paloaltonetworks.com/t5/general-topics/using-local-user-database-in-security-rules/m-p/35870#M26363 <HTML><HEAD></HEAD><BODY><P>removing my last response as it was intended for a different thread.</P><P></P><P>The correct response for this thread is:</P><P></P><P>Yes you can use firewall in the manner you describe.</P><P></P><P>SSL VPN users in the local database on the firewall can be used for the "users" field in security policies.</P></BODY></HTML> Tue, 23 Nov 2010 18:24:22 GMT https://live.paloaltonetworks.com/t5/general-topics/using-local-user-database-in-security-rules/m-p/35870#M26363 bpappas 2010-11-23T18:24:22Z https://live.paloaltonetworks.com/t5/general-topics/using-local-user-database-in-security-rules/m-p/35871#M26364 <HTML><HEAD></HEAD><BODY><P>I've run into issues with using local groups in PA rules.&nbsp; Individual local users work fine, but when trying to use locally defined groups, I've run into problems.</P><P></P><P>I'll try to open a case with support to get it checked out.</P><P></P><P>Tariq</P></BODY></HTML> Tue, 23 Nov 2010 20:26:11 GMT https://live.paloaltonetworks.com/t5/general-topics/using-local-user-database-in-security-rules/m-p/35871#M26364 rahmant 2010-11-23T20:26:11Z https://live.paloaltonetworks.com/t5/general-topics/using-local-user-database-in-security-rules/m-p/35872#M26365 <HTML><HEAD></HEAD><BODY><P>I know about the issues of using local user groups in these security rules. I have tried to use them but with no success. Because I did not have a specific requirement for this, i did not go further, but I know that they may not work correctly. <BR />Defining the users one-by-one will work, but I think that they need to be also placed to the "additional users" field one by one.</P><P></P><P>George</P></BODY></HTML> Mon, 29 Nov 2010 12:56:09 GMT https://live.paloaltonetworks.com/t5/general-topics/using-local-user-database-in-security-rules/m-p/35872#M26365 ggoudr 2010-11-29T12:56:09Z