Can't select users in policy

Showing results for 
Search instead for 
Did you mean: 

Can't select users in policy

L3 Networker


I am playing with my little PA-200 and wanted to try user based policies. I added a couple of users to the local user database and grouped them into user groups. Now when I create a new policy (or modify an existing one), the source-user field stays empty, my users don't show up so I can't add them. Even when I start typing (for autocomplete) I don't get any results.

Captive Portal, auth profile etc. are all configured as per documentation, and the interface is configured for UserID.

What am I missing here?




Ok, say I have two rules:

1. src: any, src-user: unknown, dst: webserver-a, app:web-browsing

2. src: any, src-user: my_users, dst: webserver-a, app:web-browsing, port 10001

Now the first thing the user does is open http://webserver-a:10001

In that case, the first rule would not match and he would never see CP. Did I get that right? If so, the user always has to do something first that is allowed by another rule (in this case rule nr. 1) to be able to trigger CP?

Confusing. Or I still don't get it.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!