User ID Redistribution

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

User ID Redistribution

L2 Linker

Hi,

 

There seems to be an issue with our internal Palo firewalls and their Data redistribution, I'm not sure how long it's been an issue.

 

What it should do is redistribute the user authentication events to every firewall so it can use that us the user id in the firewall policy, but this isn't happening. User ID isn't showing across firewalls, like it isn't traversing the network.

 

Can anyone give me an idea what I need to look at, and why it could be an issue?

2 REPLIES 2

Cyber Elite
Cyber Elite

Hello,

I would say check your config to make sure its setup. Also make sure there are no security policies blocking the traffic.

https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-new-features/user-id-features/user-id-redistribu...

https://docs.paloaltonetworks.com/best-practices/10-1/user-id-best-practices/user-id-best-practices/...

Regards,

L2 Linker

check the following things:
> from where user-id are getting learned. ie - on which FW Ip to user mapping is happening.

> check if the you had enabled the ip to user on the side where you want the redistribution to happen.
Also as mentioned by : 

 


If you can explain the topology, i think we can help you

Abhinav Srivastava
  • 1988 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!