- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
03-16-2011 10:35 AM
IOS : 4.0.1
User ID Agent Version: 3.1.2
We have RULE1 set for USERS - A, B, and C. They have an AV, Anti-Spyware, and Vulnerability protection. RULE2 is for ANY other users on the network, which has its own AV, Spyware, Vulnerability profiles as well as a URL Filter.
Users associated with RULE1 will randomly be applied to a URL filter, when they should not be. After a user reboots their computer the problem is fixed, but the problem will happen once again.
I have also tried using Source IP address as well as USERNAME on RULE1 to prevent this, but unfortunitally we still have problems.
Any ideas on other things to try?
03-17-2011 02:06 AM
can you verify the user association via "show user ip-user-mapping ip x.x.x.x"? when a user is experiencing the aforementioned behavior this mapping will probably be -unknown- for his IP address
check the same IP address on the panagent, if it is -unknown- there too, verify the cnfiguration
you may want to increase the age out timeout so user data is stored longer
03-31-2011 11:46 AM
show user ip-user-mapping ip 10.7.1.60
IP address: 10.7.1.60
User: unknown
Ident. By: Unknown
Idle Timeout: 651s
Max. TTL: 1551s
Groups that user belong to (used in policy)
i have changed the settings on the agent to disable the NetBIOS/WMI checking.
Have reset all other values to defaults. What should i try next?
Thanks for you help!
03-31-2011 02:56 PM
Good Afternoon,
More often than not the problems lies with the pan-agent and how it is configured or what it is running on. If you are certain that your pan-agent is installed and functioning properly it would be prudent for you to contact Technical Support at (866) 898-9087.
~Phil
04-04-2011 12:09 PM
SOLUTION :When setting up the Agent service on the domain controller you will want to have the settings under the "Recovery" tab to be "Restart the Service" for First/Second/Subsequent failures and to have the restart service timer at 1 minute.
This works for Server 2003 R2 environments.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!