- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
07-06-2020 08:14 PM
One of my customer is requesting me to track user IP address when he move from his desk to meeting room, and vice versa.
He carries his laptop, he use same ID account on AD, but his IP address will be changed when he moves around.
I know he needs to generate EVENT LOG on AD to pick up the latest info by UIA, but I have no idea how to...
Does he need always logout and re-logon once he moves?
Any suggestion is welcome.
Regards,
Emr
07-08-2020 07:24 AM
Hi
You can use Captive Portal for this. When he opens a web page and is on an unknown IP he will get redirected to a firewall hosted captive portal and asked to authenticate.
Another option:
If your customer can live with a GlobalProtect client software on his laptop - you can configure a GlobalProtect Internal Gateway.
The client software will connect to the internal gateway but without IPsec and because GP is a source of User-ID - this could solve your problem.
Just don't forget to add a PTR DNS record in the internal DNS server - this is 'Internal host detection'.
Shai
07-09-2020 02:40 PM
Hello,
Any of the user-id features should accomplish this. We user agents and have it check against Exchange since everyone has it and outlook is always connecting, its a bit quicker we found than monitoring the Domain Controllers.
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRyCAK
You can user one of the other suggestions in the previous reply. They will work as well, Captive portal i would shy away from except in a 'Guest' network environment such as wifi.
Just my thoughts.
07-16-2020 07:26 PM
Thank you for your replies.
CP sounds good solution for my customer, I'll try this.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!