- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
11-22-2024 07:41 AM
Hello.
I have issues with mapping user from Juniper Mist. User-ID is set and working fine when monitoring LAN traffic. But when I want to check wireless users I don't see Source User. From my research I understand I need some type of "bridge" between Juniper Mist and Panorama in form on syslog.
Sadly both systems are supported by separate companies so I cant ask them for help in this case.
Do anyone here have similar issue in past with Juniper Mist and Panorama? And give me any clue where I need to dig for information? Or which syslog (open source will be best) I can use as "bridge" between those two systems?
Thank you for any advices
11-22-2024 07:53 AM
How are you authenticating users on the Juniper side of things? If you're using RADIUS for authentication you could just pull logs from your RADIUS server(s) directly. It's possible that you don't actually need to utilize SYSLOG scrapping depending on your authentication setup.
If you do require syslog scrapping you don't actually need to have any sort of intermediate solution. You can send SYSLOG directly to Panorama with additional information available HERE. You can also use an intermediate solution like Graylog as an open-source example that you can then have configured to update user mappings through the API easily as well. If you don't already have that setup just enabling the firewall as a listener is a more straight-forward solution however.
11-22-2024 08:07 AM
Thank you for response BPry.
Both systems pulling info from this same Radius. That (with my knowledge) its strange. Juniper auth users by Windows AD (Radius) I can log into server and check users IP/Username for wifi. LAN users using this same Windows AD (Radius) for access desktops (docked laptops). And also I can of course log into this same server and check second vlan and see IP/Username of those users.
But Panorama showing only LAN users, and ignoring all Juniper/Wifi users.
Idea about syslog server was put in my head after conversation (with many long mails with screenshots and few life session when I explaining what is where or exactly what is missing) with our PaloAlto support as "only solution".
I hope that will bring more light on this case.
11-24-2024 11:29 PM
Hello @ParticularNoobie
I am sorry to chime in.
Based on my past experience, Mist does not send username unless Radius accounting is enabled under: Site > Wireless > WLANs > [SSID name] > RADIUS Authentication Servers. Reference: https://www.juniper.net/documentation/us/en/software/mist/mist-wireless/topics/topic-map/radius-attr....
Kind Regards
Pavel
11-27-2024 08:01 AM
Maybe I barking on wrong tree.
Maybe syslog server is not need. And only what I need is a)change PaloAlto support company 😉 b) change settings on Group Mapping.
When I start cash I noticed that this same users (auth by GroupPolicy) sometimes are visible.. sometimes are not.
In other case - all users from BYOD network (auth by radius but with manual username/password) are not visible at all.
Maybe someone can help in this case?
I attaching screenshot created today with that issue.
One user, one computer, one destination - and we have smoke and mirrors case.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!