01-09-2024 09:59 AM
I am trying to figure out how to remove users from Global Protect using Panorama API. This is needed for both users connected to Prisma Access and to local firewalls.
Logout_mobile_user from Prisma Access:
For Prisma Access, I think I know what is needed but I have a question about defining the user for the Gateway and for the Portal.
Logout_mobile_user from Gateway gives the following options when selecting the user:
Logout_mobile_user from Portal gives the following options when selecting user:
For the Gateway I think I would use Domain (domain\username). For the portal, how do I find the "user name base64 encoded"?
Client-logout using Panorama from a local firewall:
How do I use Panorama to remove a user from a local firewall using XML API?
Is there an API command that can be used from Panorama to identify which local firewall the user is connected to?
Thanks!
01-10-2024 01:36 PM
Hi @John_J ,
I don't think the NGFW forwards GP logged-in users to Panorama. IF you were using Panorama to redistribute User-ID info then you MAY be able to query the Panorama user-IP mapping table to view the source NGFW.
Sorry! That's all I got. Maybe someone else has something good.
Thanks,
Tom
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
