Configuring User-Id With Radius

Reply
L1 Bithead

Configuring User-Id With Radius

Hello Dear Community,

 

I have a client who wants view user-id users name of the radius server on Palo Alto Logs (Like happens with LDAP Active Directory)

 

The SO of the Radius Server is Windows Server 2008. I saw there is a link on Palo Alto KBs to configure the user-id for Radius users from the Syslog Server:

 

https://www.paloaltonetworks.com/documentation/61/pan-os/pan-os/user-id/configure-user-id-to-receive...

 

But in this case, the customer has a Syslog but is not sending the Radius User logging to the Syslog, So I cannot apply this procedure.

 

Are there another form to do this?

 

Regards,

Aitor

L3 Networker

Re: Configuring User-Id With Radius

We use Aruba ClearPass for authentication, and there is a supported solution for integration between ClearPass and PA. Don't know if it's any help for you. It uses XML API.

 

https://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/Command/Core_Download/Default...

 

Tags (1)
L1 Bithead

Re: Configuring User-Id With Radius

Thanks for your answer.

 

I'm not sure if this will works on Windows Enviroment but atleast It gave me some good ideas to test a connection with the customer and get some data. Maybe with this I can build the necessary solution.

 

Regards,

Aitor

L7 Applicator

Re: Configuring User-Id With Radius

Hello,

Which RADIUS software are they using? Also does the RADIUS software log to the Security logs on the windows box?

 

Regards,

L1 Bithead

Re: Configuring User-Id With Radius

Hello.

 

Yes, I think they are logging the Radius Logs on Security Events of Windows. That something that I want to try and I am preparing, but i'm not pretty sure about how exactly works in order to configure it. Is on Server Monitoring like an active Directory? They are using the Radius Server also as User-ID agent so I think that is a good option to do it.4

 

Would you have some considerations about this?

 

Thanks!

Aitor

L7 Applicator

Re: Configuring User-Id With Radius

L1 Bithead

Re: Configuring User-Id With Radius

Hello,

 

Our environment is the following:

 

-WiFi Users authenticates against RADIUS connecting through Cisco WCS

-RADIUS server is a Windows Server 2008 R2 with NPS services. This Device is also working as user-id Agent

-Saw that users coming from WiFi Networks does not show the User-ID since they are being authenticated agaisnt Radius.

 

Now, the question is: How we can see the user-id names of Wi-Fi users on Palo Alto Logs. I was able to do it on my lab configuring a Radius Authentication Profile and a Radius Server (Windows 2008 R2)

 

The links was very usefull to build my lab, but i'm not sure about if this will work on this enviroment (The users passes for the WCS first)

 

Any Suggestion?

 

Regards,

Aitor

L3 Networker

Re: Configuring User-Id With Radius

Have a look at this article, particularly the Comments section:

 

https://live.paloaltonetworks.com/t5/Integration-Articles/Use-Syslog-Receiver-to-Integrate-with-Cisc...

 

Highlighted
L1 Bithead

Re: Configuring User-Id With Radius

Ok. That was very usefull. I will check that!

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!