01-28-2021 06:49 PM
@BPry
appreciate sir!
abc100~abc500
I'm trying to create an ACL that allows ID users. I'm typing them in one by one. It's taking too long.
Is there any way?
01-29-2021 08:08 AM
Are you pulling in group information from your user-id source, or are you using local users?
If you are pulling in user-id information from something like Active Directory, then you would configure Group Mapping and pull in whatever groups you need to utilize. That way you only need to create a group in AD and that group can be used in your firewall rulebase going forward.
If you are using local users, then you are going to want to create a local user group instead of specifying every individual user across your rulebase. This would either be done manually by adding each individual user, or you would script it through SSH/API so that it didn't take as long.
02-05-2021 02:14 AM
appreciate sir!
unfortunately, I don't have the authority to touch the ad, but thanks to you, I studied a lot.
02-05-2021 10:05 AM
Hello,
The easiest like BPry mentioned is to use AD groups. Have the AD team create one with the required users. Add the group via the user-id function. Then set your policies to use the AD groups rather than individual users.
Hope that helps.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
