https://live.paloaltonetworks.com/t5/general-topics/blocking-traffic-from-specific-ad-computer/m-p/4787#M3527 <HTML><HEAD></HEAD><BODY><P>Is UserID ignoring this for a particular reason or would a feature request through the local sales engineer change this behaviour?</P><P></P><P>Edit: In PANOS 5.0 if im not mistaken Globalprotect will have a similar feature where you in the security policy can choose "preauth-user" as userid (compared to todays known-user etc).</P></BODY></HTML> Wed, 24 Oct 2012 20:12:32 GMT mikand 2012-10-24T20:12:32Z https://live.paloaltonetworks.com/t5/general-topics/blocking-traffic-from-specific-ad-computer/m-p/4783#M3523 <HTML><HEAD></HEAD><BODY><P>Hello Everyone!</P><P></P><P>Is there any way to treat trafic from an specific Computer in AD ?</P><P>I need to block internet traffic and allow only internet corporate email (gmail) to some computers (doesnt matter the user logged in there)</P><P></P><P>I can fix thos MACs to the DHCP so they will receive always the same IP and I can treat those traffic... But I would like to know if Palo Alto can deal with Computers as well.. the same way it deals w/ AD users...</P><P></P><P>Thanks in advance!!</P></BODY></HTML> Mon, 22 Oct 2012 13:28:46 GMT https://live.paloaltonetworks.com/t5/general-topics/blocking-traffic-from-specific-ad-computer/m-p/4783#M3523 FabioGarcia 2012-10-22T13:28:46Z https://live.paloaltonetworks.com/t5/general-topics/blocking-traffic-from-specific-ad-computer/m-p/4784#M3524 <HTML><HEAD></HEAD><BODY><P>Since the machines will be having static IP addresses, adding these machines as address objects under the source address column in a security rule and applying the security profile or application should do the job..</P></BODY></HTML> Tue, 23 Oct 2012 14:21:25 GMT https://live.paloaltonetworks.com/t5/general-topics/blocking-traffic-from-specific-ad-computer/m-p/4784#M3524 kalyanram.piratla 2012-10-23T14:21:25Z https://live.paloaltonetworks.com/t5/general-topics/blocking-traffic-from-specific-ad-computer/m-p/4785#M3525 <HTML><HEAD></HEAD><BODY><P>Dont forget to setup DHCP snooping (along with Option82 for logging) and DAI (Dynamic Arp Inspection) so your box you want to limit just not changes its ip address manually and connects to the network to bypass the filtering.</P></BODY></HTML> Tue, 23 Oct 2012 15:57:30 GMT https://live.paloaltonetworks.com/t5/general-topics/blocking-traffic-from-specific-ad-computer/m-p/4785#M3525 mikand 2012-10-23T15:57:30Z https://live.paloaltonetworks.com/t5/general-topics/blocking-traffic-from-specific-ad-computer/m-p/4786#M3526 <HTML><HEAD></HEAD><BODY><P>Computer names from AD (with the $ preceding) are ignored in the UserID agent and as such you will not be able to deal with the computer names as you do with AD Usernames. As the UserID Agent will not create an IP to User Mapping for the computer you will not be able to block traffic in the security policy, based on the computer name. If you have a particular subnet or static IP addresses that these computers come from, that may be the simplest way to block their specific traffic.</P></BODY></HTML> Wed, 24 Oct 2012 15:29:34 GMT https://live.paloaltonetworks.com/t5/general-topics/blocking-traffic-from-specific-ad-computer/m-p/4786#M3526 sjamaluddin 2012-10-24T15:29:34Z https://live.paloaltonetworks.com/t5/general-topics/blocking-traffic-from-specific-ad-computer/m-p/4787#M3527 <HTML><HEAD></HEAD><BODY><P>Is UserID ignoring this for a particular reason or would a feature request through the local sales engineer change this behaviour?</P><P></P><P>Edit: In PANOS 5.0 if im not mistaken Globalprotect will have a similar feature where you in the security policy can choose "preauth-user" as userid (compared to todays known-user etc).</P></BODY></HTML> Wed, 24 Oct 2012 20:12:32 GMT https://live.paloaltonetworks.com/t5/general-topics/blocking-traffic-from-specific-ad-computer/m-p/4787#M3527 mikand 2012-10-24T20:12:32Z