01-29-2016 04:26 AM
Hi, my users are having a error. sometimes when they try to access to any web, suddenly, the captive portal is shown (even if they are logged in domain). If they put the credentials in captive portal the web works and also if they logoff/logon the windows session and try to open again the web. It sounds like UserID problem.
We have checked all the config and its ok. we see this error in userid.log
PanOS is 6.1.4 and no bugs related to this in the adressed issues.
2016-01-29 12:44:31.593 +0100 connecting to ldap://[192.168.110.44]:389 ...
2016-01-29 12:44:31.677 +0100 ldap cfg ADs UCE.LOC connected to 192.168.110.44:389(index 1)
2016-01-29 12:48:38.812 +0100 Error: pan_user_id_agent_proc_ipuser(pan_user_id_uia.c:443): pan_user_id_agent_send_ip_user_to_dp() failed for user uce\lmontanes
2016-01-29 12:48:38.812 +0100 Error: pan_user_id_uia_handle_ip_msg_i(pan_user_id_uia_v5.c:140): pan_user_id_agent_proc_ipuser(vsys 1, ip 192.168.110.43, user uce\lmont
anes, timestamp 1454068113) failed
2016-01-29 13:06:54.325 +0100 Error: pan_user_id_agent_proc_ipuser(pan_user_id_uia.c:443): pan_user_id_agent_send_ip_user_to_dp() failed for user uce\sbreton
2016-01-29 13:06:54.325 +0100 Error: pan_user_id_uia_handle_ip_msg_i(pan_user_id_uia_v5.c:140): pan_user_id_agent_proc_ipuser(vsys 1, ip 192.168.106.94, user uce\sbret
on, timestamp 1454069209) failed
2016-01-29 13:06:54.325 +0100 Error: pan_user_id_agent_proc_ipuser(pan_user_id_uia.c:443): pan_user_id_agent_send_ip_user_to_dp() failed for user uce\sbreton
2016-01-29 13:06:54.325 +0100 Error: pan_user_id_uia_handle_ip_msg_i(pan_user_id_uia_v5.c:140): pan_user_id_agent_proc_ipuser(vsys 1, ip 192.168.106.94, user uce\sbret
on, timestamp 1454069209) failed
01-29-2016 05:52 AM
Hello,
The log seems to indicate that the device is failing to send the mapping to the dataplane. You can check to see if the mapping is on the management plane by using this command:
> show user ip-user-mapping-mp all (or filter by the IP)
You can use this command to check the mappings on the dataplane and see if they match up:
> show user ip-user-mapping all
Additionally it might be worth enabling debug on the user-id log to determine a cause of failure:
> debug user-id on debug
check the log using this command, or export a tech support file and the log will be in there:
> less mp-log useridd.log
It might also be worth restarting the user-id process:
> debug software restart user-id
hope this helps,
Ben
02-01-2016 12:45 AM
axxx@PA-3020> show user ip-user-mapping all
Total: 132 users
axxx@PA-3020> show user ip-user-mapping-mp all
Total: 116 users
In user-mapping dataplane we have more users than in mplane. Is this normal?? should it be the same number of users??
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
