any solution to keep tracking user IP mapping?

Reply
Highlighted
L4 Transporter

any solution to keep tracking user IP mapping?

One of my customer is requesting me to track user IP address when he move from his desk to meeting room, and vice versa.

He carries his laptop, he use same ID account on AD, but his IP address will be changed when he moves around.

 

I know he needs to generate EVENT LOG on AD to pick up the latest info by UIA, but I have no idea how to...

Does he need always logout and re-logon once he moves?

Any suggestion is welcome.

 

Regards,

Emr

Highlighted
L3 Networker

Hi

 

You can use Captive Portal for this. When he opens a web page and is on an unknown IP he will get redirected to a firewall hosted captive portal and asked to authenticate.

 

Another option:

If your customer can live with a GlobalProtect client software on his laptop - you can configure a GlobalProtect Internal Gateway.

The client software will connect to the internal gateway but without IPsec and because GP is a source of User-ID - this could solve your problem.

Just don't forget to add a PTR DNS record in the internal DNS server - this is 'Internal host detection'.

 

Shai

Cyber Elite

Hello,

Any of the user-id features should accomplish this. We user agents and have it check against Exchange since everyone has it and outlook is always connecting, its a bit quicker we found than monitoring the Domain Controllers.

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRyCAK

 

You can user one of the other suggestions in the previous reply. They will work as well, Captive portal i would shy away from except in a 'Guest' network environment such as wifi.

 

Just my thoughts.

Highlighted
L4 Transporter

@ShaiW @OtakarKlier 

Thank you for your replies.

CP sounds good solution for my customer, I'll try this.

 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!