I have a PA2050 v(4.0.11) and PAN-Agent for ldap users and groups. I have created a a group in my Active directotory and i configure a policy for this group but i try to check this policy with one user in this group and firewall dont let me passtrough.
I cant see that my user belongs to this new group but i can add this group in policies.
telindus@fw1orgt(active)> show user ip-user-mapping ip 10.1.12.70
IP address: 10.1.12.70
Ident. By: AD
Idle Timeout: 1956s
Max. TTL: 1956s
Groups that user belong to (used in policy)
My user brepr belongs to group oargt/accessfor in the AD but i cant see it in this output. I can apply the group oargt/accessfor in policies.
I cleared the cache groups and device-server and it didnt work :smileysad:
Its very weird because i can add this group accessfor in a policy but i cant see any users in this group.
I have created the policy again.
I have restarted the pan agent service
I have cleared all caches users/groups
What more can i try??
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!