global protect ldap users have conflict session accessing private network


L1 Bithead

Hi All,

 

I have set up GlobalProtect authenticated by LDAP. Before I start, here is my running version:

- PA Firmware : 8.1.5

- GP Version  : 5.0.0

I found an odd issue with a GlobalProtect LDAP-authenticated user accessing the private network.

 

I have logged in to GlobalProtect with LDAP authentication, let's say as "domain\user1". I want to access the file sharing network, which requires domain authentication, and I authenticated using "domain\administrator". Oddly, my connection is suddenly dropped. I checked the traffic log in monitoring, queried by my source IP, and it showed that my traffic log changed from "domain\user1" to "domain\administrator", and this also changed my initial authenticated GlobalProtect login when accessing other networks. For example, previously (source user "domain\user1" global protect source-ip 172.10.1.63 destination-ip 10.10.1.100); after I authenticated my domain account to access the file server, the traffic changed to (source user "domain\administrator" global protect source-ip 172.10.1.63 destination-ip 10.10.1.100). This caused the connection to drop because the user is not listed or allowed in the policy.

 

Kindly need help with this problem. Has anyone had a similar issue with GlobalProtect and LDAP?

 

Any kind of help will be appreciated.

 

Best Regards,

quay

 

 

 

4 REPLIES

L4 Transporter

Hi Quay,

 

Did you log onto the machine using domain\user1 and then log into the file sharing network as domain\administrator, or did you log onto the machine using the domain\administrator account later on? Please clarify.

Hi Vathreya,

 

Thanks for your reply. I logged on to both the machine and file sharing using domain\administrator, and then it's changing the source user for all networks I accessed.

 

gp-user.jpg gp-traffic.jpg

Hi Quay,

 

I still don't quite follow what you're saying: 

 

 

I have logged in to GlobalProtect with LDAP authentication, let's say as "domain\user1". I want to access the file sharing network, which requires domain authentication, and I authenticated using "domain\administrator". Oddly, my connection is suddenly dropped. I checked the traffic log in monitoring, queried by my source IP, and it showed that my traffic log changed from "domain\user1" to "domain\administrator", and this also changed my initial authenticated GlobalProtect login when accessing other networks. For example, previously (source user "domain\user1" global protect source-ip 172.10.1.63 destination-ip 10.10.1.100); after I authenticated my domain account to access the file server, the traffic changed to (source user "domain\administrator" global protect source-ip 172.10.1.63 destination-ip 10.10.1.100). This caused the connection to drop because the user is not listed or allowed in the policy.

 

 

You also say you're logged into both the machine and file sharing using domain\administrator, and then it's changing the source user for all networks.

 

Did you initially log in as domain\user1 onto the machine, and then switch user to domain\administrator?

 

 

Regards,

Varun

"You also say you're logged into both the machine and file sharing using domain\administrator, and then it's changing the source user for all networks."

 

Yes, exactly, as you can see in the attached capture.

 

I wonder, can I solve this issue by implementing agent mode?
