This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Can we possible to restrict another user log-in to GP using same USER-ID at the same time?

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Can we possible to restrict another user log-in to GP using same USER-ID at the same time?

Go to solution
RohJaewoong
L3 Networker

‎12-04-2013 12:27 AM

Hello Guys.

I have a question about GlobalProtect.

While a user is logged inn and running to GlobalProtect Gateway, Another user possible to log in to GlobalProtect Gateway with same USER-ID at the same time. I want to restrict that log-in to GP GW using same USER-ID at the same time. Can I possible to install with above things for a GP?

Thanks.

Regards.

Roh

0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
VinceM
L5 Sessionator

‎12-04-2013 12:44 AM

Hi Roh,

For me, not possible in the palo. In Ad you can associate one user to one laptop then limit simultaneous connexion.

Else there is third party product like:

http://www.isdecisions.com/products/userlock/

RES Software | Enterprise IT Services Made Easy

or using script like here: Logon Script 7

Hope help.

V.

View solution in original post

0 Likes Likes
3 REPLIES 3

Go to solution
VinceM
L5 Sessionator

‎12-04-2013 12:44 AM

Hi Roh,

For me, not possible in the palo. In Ad you can associate one user to one laptop then limit simultaneous connexion.

Else there is third party product like:

http://www.isdecisions.com/products/userlock/

RES Software | Enterprise IT Services Made Easy

or using script like here: Logon Script 7

Hope help.

V.

0 Likes Likes

Go to solution
Phoenix
L4 Transporter

‎12-04-2013 08:59 AM

Hello Roh,

I go with Vince too. Pan would allow more than one IP with the same User_ID. This is practical that a single user can login through Phone / laptop / pc and so on.

But on the PAN if we have security rules configured with usernames then all the IPs belonging to that username would be permitted. Thought of using the HIP profile feature but where we can restrict or allow users based on hostname or OS types and so on but that would be complex where we do not know which device first logged in and deny the second log on by identifying through HIP method.

Thanks

Go to solution
olev
Not applicable

‎01-19-2015 10:31 AM

Hello,

It's an old thread, sorry, but I also need this kind of feature: avoid using a same account (login/pass) simulteanously on several machines.

All I found in the KB seems to give the same answer : it's not possible.

And  after a while, I'm wondering if setting a profile with an assignement of only 1 IP address could be a workaround ???

Don't know yet if it works, but I will probably try it this week.

If someone has a thought on that, you're welcome to participate...

a+

0 Likes Likes
  • 1 accepted solution
  • 3987 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks