I´m trying to configure ssl-vpn to authenticate users in ldap server or locally with imported users from Ldap via PAN. The only way that I’ve successful login´s is when I create a local user in Palo Alto firewall. I´ve got connection to Ldap servers, and in system log it appears
User 'xpto\administrator' failed authentication. Reason: User is not in allowlist
And the user is in the allow list.
I´ve switch the authentication profile (that was LDAP) and switch to authentication none. I add to include the group where the users belongs to.
It works now.
I am also work right now. However, it seems authenticate by UIA but not LDAP in server profiles. Anyone can advise it is a normal procedure or not? Thanks!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!