Mapping problem of users (XMLAPI) authenticated in Clearpass

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Mapping problem of users (XMLAPI) authenticated in Clearpass

L4 Transporter

Hi team,


The problem detected is that Palo Alto (PAN-OS 9.1.13-h3)computers register too many IPs for each user through XMLAPI (RADIUS-Clearpass origin). Usually a user is not connected to the WiFi network with more than 3 devices (work computer, personal phone and corporate phone), therefore is not associated with more than 3 IPs. In Palo Alto we find users associated to more than 20 IPs/device...


Any idea?




Cyber Elite
Cyber Elite


So ... what do the logs say? If you have this setup as recommended by Aruba, then ClearPass is what's actually telling the firewall how to map things through the XML API. You'll need to look at the logs on the ClearPass side of things to verify that they are updating things properly. Should be in the postauthctrl.log file as long as things haven't drastically changed since the last time I looked at it. 

L4 Transporter

I am going to check the postauthctrl.log , thanks so much

  • 2 replies
  • 101 Subscriptions
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!