04-24-2010 12:23 PM
1: Captive Portal is set for the entire network (192.168.1.0), and in Active Directory the group (IT) is chosen which will be filtered or monitored. There are two users (user1/user2) who are members of this group.
Firewall Rule:
==============
1: Trust to Untrust
   Source                   Action
   1: (Any known user)      Allow
   2: (Any unknown user)    Block
Issue:
=====
When user 1 and user 2 log in to the shared workstation (WS1), one after the other, they are both able to browse the internet with no issues. However, after some time the local administrator on that PC (WS1) logs in locally on that machine to work and tries to browse the internet. (Ideally that user is unknown; he should be prompted for authentication, and he can use any guest-based user account from AD (guest 1) to access the internet with limited accessibility of sites.) This is not happening: the moment the local administrator logs in to that machine (WS1) and tries to browse the internet, that user gets internet access. It seems there is some sort of cached information which shows that WS1 is still being used by known users, and it is not able to refresh it.
I tried to reset the user captive portal session using this command:-
# debug device-server reset captive-portal ip-address 192.168.1.104
It was of no help.
Resolution:
=============
When I restarted the PAN agent, it started to work: the agent showed the IP 192.168.1.104 as unknown, and when I tried to open IE and browse on that PC, it showed the authentication prompt.
This is an issue for us, and we will not be able to apply the policies on the users.
Observations:
==============
1: When we checked the logs in the firewall Monitor tab, they still showed the last logged-in username, and the logs showed his name with the latest timestamp. We even checked by browsing some websites and enabling (Resolve) in the logs to see and synchronize the domain name we were browsing as the current local administrator. However, the logs showed the domain user who is no longer logged in to that machine.
Any suggestions on this?
04-26-2010 04:23 PM
It sounds like the Captive Portal expiration time has yet to be reached for the original user and the guest user is authenticating based on that. You can reduce the expiration time and verify if the guest is recognized.
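The behaviour discussed in this thread, as an added example that is not part of either post and is not PAN-OS code: a simplified model of an IP-to-user mapping table with an expiration timer, replaying the shared-workstation timeline against the thread's two-rule policy. The class and function names, the timeline and the timer values are constructed, and the model assumes a local logon generates no new mapping event.

```python
# Simplified model of an IP-to-user mapping table with an expiration timer.
# Not PAN-OS code; names, timeline and timer values are constructed.
from dataclasses import dataclass


@dataclass
class Mapping:
    user: str
    created: int  # minutes since the start of the scenario


class UserIdTable:
    def __init__(self, timeout_min):
        self.timeout_min = timeout_min
        self.by_ip = {}

    def learn(self, ip, user, now):
        """Record a mapping from a domain logon or captive-portal login."""
        self.by_ip[ip] = Mapping(user, now)

    def lookup(self, ip, now):
        """Return the mapped user, or None once the mapping has expired."""
        m = self.by_ip.get(ip)
        if m is None or now - m.created >= self.timeout_min:
            self.by_ip.pop(ip, None)
            return None
        return m.user


def evaluate(table, ip, now):
    """Thread's rule set: known user -> allow, unknown user -> portal/block."""
    user = table.lookup(ip, now)
    return ("allow", user) if user else ("captive-portal", None)


def shared_workstation(timeout_min):
    """Constructed timeline for WS1 (192.168.1.104)."""
    ip = "192.168.1.104"
    table = UserIdTable(timeout_min)
    table.learn(ip, "user1", now=0)    # first domain user authenticates
    table.learn(ip, "user2", now=20)   # second domain user authenticates
    # t=40: local administrator logs on. Assumption of this model: a local
    # logon produces no mapping event, so the table is not updated.
    return evaluate(table, ip, now=45)  # local admin opens a browser


if __name__ == "__main__":
    print(shared_workstation(timeout_min=60))  # stale mapping still live
    print(shared_workstation(timeout_min=15))  # mapping has aged out
```

With the longer timer the local administrator's traffic is allowed and logged under the previous domain user, which matches the log observation in the question; with the shorter timer the address falls back to unknown and is sent to the portal.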