User Identification Agent with Active Directory

cancel
Showing results for 
Search instead for 
Did you mean: 

User Identification Agent with Active Directory

L0 Member

I know that PA Firewall uses MGT interface to connect to user Identification Agent, I know that most of the other services can be set to use any other interface with the "Service Route Configuration" commands.

Is there any method to use any other interface as a source for communication with User Identification Agent?

Thanks in advance

1 ACCEPTED SOLUTION

Accepted Solutions

L0 Member

Hi,

Actually, you *can* use the Service Route setting to route communications to the User-ID Agent.

In the Service Route Configuration dialog, make sure that you have selected "Show Destinations" at the lower

left hand corner of the dialog. You will see a Destination table on the right with IP/FQDN and Source Address mappings.

At the bottom, there will be a place to add additional mappings.

In the "IP Address or FQDN" field, enter the IP address of your system where the User-ID Agent is installed.

Then, pull down available interfaces on your device and select the appropriate source IP address.

Capture-12-21-00001.jpg

View solution in original post

2 REPLIES 2

L0 Member

Hi,

Actually, you *can* use the Service Route setting to route communications to the User-ID Agent.

In the Service Route Configuration dialog, make sure that you have selected "Show Destinations" at the lower

left hand corner of the dialog. You will see a Destination table on the right with IP/FQDN and Source Address mappings.

At the bottom, there will be a place to add additional mappings.

In the "IP Address or FQDN" field, enter the IP address of your system where the User-ID Agent is installed.

Then, pull down available interfaces on your device and select the appropriate source IP address.

Capture-12-21-00001.jpg

Are there any internal downside of using this method to get data for the pan-agent or ts-agent?

I mean to "force" route it through the dataplane?

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!