This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

X FORWARD FOR with USER ID

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

X FORWARD FOR with USER ID

Go to solution
Gregoux
L4 Transporter

‎01-29-2014 12:55 AM

Hello

is it possible to use ip retrieved from the x forwarded  header and combined with the user-id.

my aim is to filter access per active directorie usergroup, but I have a proxy implemented between the palo and the user device.

thank 

Labels:
0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
mr.linus
L4 Transporter

‎01-29-2014 03:13 AM

Hi,

Do I understand correctly that you want to retrieve the client IP via "x-forwarded for" and then let the PA use its User-ID to map this IP to a user?

I don't think this will be possible, based on the DOC provided by kdd, since the client IP will be "written" in the "source user" column.

Looks like a nice feature request to me though. Kind of like the Terminal Services User-ID agent can identify users based on source port, maybe a Proxy User-ID agent that can find users based on "x-forwarded for"...

View solution in original post

0 Likes Likes
3 REPLIES 3

Go to solution
kdd
L4 Transporter

‎01-29-2014 02:55 AM

Hi Gregoux,

the links explain how to enable it and how it will work

https://live.paloaltonetworks.com/docs/DOC-1128

instead of CLI via browser Device > Setup > Content-ID

The "strip x-forwarded for" option replaces the ip-address with zeros. so that the destination is not able to see the clients ip-address

Regards Klaus

Go to solution
mr.linus
L4 Transporter

‎01-29-2014 03:13 AM

Hi,

Do I understand correctly that you want to retrieve the client IP via "x-forwarded for" and then let the PA use its User-ID to map this IP to a user?

I don't think this will be possible, based on the DOC provided by kdd, since the client IP will be "written" in the "source user" column.

Looks like a nice feature request to me though. Kind of like the Terminal Services User-ID agent can identify users based on source port, maybe a Proxy User-ID agent that can find users based on "x-forwarded for"...

0 Likes Likes

Go to solution
Mt_103
L2 Linker

‎01-29-2014 05:37 PM

Hi,

I also need to retrieve the "source user" who under the PROXY.

Now, I find the user name by check "user_ip_map" and "x-forwarded for".

But this is very very heavy work..

If PAN create new columns "x-forwarded for" and "x-forwarded for user" like "source" and "source user " in traffic log & URL Filtering log,

it is very helpful and much enough for my need.

Mt.10
  • 1 accepted solution
  • 3839 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks