- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
01-20-2023 04:58 AM
Hi All,
Can we configure a single policy , giving user-id's and few different IP address as source.
Will both mentioned user id's and IP address are able reach the destinations which was allowed.
01-20-2023 02:48 PM
Hello,
I would recommend two policies. One that has the User-id's and another that has the source IP's. The way the Palo Alto reads policies is top to bottom and left to right. So if you have a policy with both user-id's and source IP's, both conditions must exist.
Hope that helps.
01-20-2023 06:30 AM
You can use both username field and source IP field filled in same rule.
Let's assume you have users John and Mary in username field and IPs 192.168.1.5 and 192.168.1.20 IPs in source IP field.
This means that traffic from users John or Mary will match to the rule if their IP is either 192.168.1.5 or 192.168.1.20
So if you look at the security policy page there is "OR" between items in same column and "AND" between columns.
Source user is either John OR Mary with source IP either 192.168.1.5 OR 192.168.1.20
01-20-2023 02:48 PM
Hello,
I would recommend two policies. One that has the User-id's and another that has the source IP's. The way the Palo Alto reads policies is top to bottom and left to right. So if you have a policy with both user-id's and source IP's, both conditions must exist.
Hope that helps.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!