This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

VMware View rules configuration

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

VMware View rules configuration

alex.irzyk
L0 Member

‎10-21-2014 11:13 AM

Does anyone have any information on how to get user-id to work with a VMware View security server sitting in the DMZ? Right now the only way we can get PCoIP traffic to flow to is by specifying the ip of the VDI machine that is being connected to. What we would like is to define an AD group for remote access and populate the users into that group. Having to add IP's to the pcoip rule is kind of a show stopper since our non-persistent vdi machines are changing ip's all the time.

Labels:
0 Likes Likes
2 REPLIES 2

hshah
L6 Presenter

‎10-21-2014 11:20 AM

Hi Alex,

User-id needs user to IP mapping either from AD server or anything else which has binding.

In some cases, syslog servers or Aruba control has mappings. Still user-id can pull the information based on following document.

How to Collect the User-IP Mappings from a Syslog Sender Using an User-ID Agent

Does VMware View Security server, keeps any sort of mapping. If yes you can use above document.

Regards,

Hardik Shah

0 Likes Likes

tshiv
L4 Transporter

‎10-21-2014 02:55 PM

Hello alex.irzyk,

Based on my search, i could not confirm if vmware security manager stores ip-user mappings or generate logs for user login events. Is it possible for vmware security manager to be configured to write ip-user mapping info to a file? If this is possible, then you can try pulling the mappings from the file containing the ip-user mappings through API. The API guide below gives you the format of the input file that will have the ip-user mapping:

PAN-OS and Panorama 5.0 XML API Usage Guide

Below is the link to the perl script that can be used to confirm if you are able to pull the ip-user mappings using API.

Script to test UID XML API

Hope this helps.

Thanks

0 Likes Likes
  • 2468 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks