Hello Dear Community,
I have a client who wants view user-id users name of the radius server on Palo Alto Logs (Like happens with LDAP Active Directory)
The SO of the Radius Server is Windows Server 2008. I saw there is a link on Palo Alto KBs to configure the user-id for Radius users from the Syslog Server:
But in this case, the customer has a Syslog but is not sending the Radius User logging to the Syslog, So I cannot apply this procedure.
Are there another form to do this?
We use Aruba ClearPass for authentication, and there is a supported solution for integration between ClearPass and PA. Don't know if it's any help for you. It uses XML API.
Thanks for your answer.
I'm not sure if this will works on Windows Enviroment but atleast It gave me some good ideas to test a connection with the customer and get some data. Maybe with this I can build the necessary solution.
Yes, I think they are logging the Radius Logs on Security Events of Windows. That something that I want to try and I am preparing, but i'm not pretty sure about how exactly works in order to configure it. Is on Server Monitoring like an active Directory? They are using the Radius Server also as User-ID agent so I think that is a good option to do it.4
Would you have some considerations about this?
The User-ID functionality on the PAN can map usernames to IP address's. Here are a few links to help you get started.
Hope this helps.
Our environment is the following:
-WiFi Users authenticates against RADIUS connecting through Cisco WCS
-RADIUS server is a Windows Server 2008 R2 with NPS services. This Device is also working as user-id Agent
-Saw that users coming from WiFi Networks does not show the User-ID since they are being authenticated agaisnt Radius.
Now, the question is: How we can see the user-id names of Wi-Fi users on Palo Alto Logs. I was able to do it on my lab configuring a Radius Authentication Profile and a Radius Server (Windows 2008 R2)
The links was very usefull to build my lab, but i'm not sure about if this will work on this enviroment (The users passes for the WCS first)
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!