This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

User ID agent / User-IP-Mapping issue

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

User ID agent / User-IP-Mapping issue

rimbalt
L1 Bithead

‎05-03-2012 02:53 PM

Hello,

I have simple request: created access rule based by group.(and this part looks clear and working to me). Problem that i can make User-IP mapping to work correctly. With desktops i do not see any issues because their users do not change mostly at all. Major problem is with laptops. Users migrates between meeting rooms, use wifi and comes back to work place. IP may change in an hour about 4 times. how to make palo to give access according group if i see that even first level ip-mapping is not working. Or how to make IP-mapping to work correctly?

Another thing on any commit , looks like internet and user identification (ip-maping) is also temporary lost

thanks.

0 Likes Likes
3 REPLIES 3

sjamaluddin
L4 Transporter

‎05-07-2012 02:51 PM

If you have laptop users that change IP more frequently than the timeout values, you may want to enable some kind of probing eg, NETBIOS or WMI probing which checks the user @ IP w.x.y.z every 20 min etc.

0 Likes Likes

essnet
L4 Transporter
In response to sjamaluddin

‎05-08-2012 09:44 AM

Hello,

If it is just for internet access, I would suggest you use Captive portal with NTLM authentication.

If it's for internal filtering (like datacenter secured resource access) and you have a large network, ActiveDirectory and people switch from wifi to wired network frequently then only GlobalProtect can bring you 100% success . AD log monitoring has many drawbacks and wll work for 95% of people, but yet it means 5% of your users will open tickets everyday because they can't access a resource.

0 Likes Likes

rimbalt
L1 Bithead
In response to sjamaluddin

‎05-08-2012 12:35 PM

About WMI: Yes this is the one but not the best solution.  I will try to do it with 10 minutes interval.

About Captive portal: I think it wont work for ftp users.

thanks. hoping to make palo working correctly.

0 Likes Likes
  • 2226 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks