User having issues accessing internet after connecting to Global Protect -- Userid

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

User having issues accessing internet after connecting to Global Protect -- Userid

L2 Linker

Hi Team

 

We are seeing an issue where only 1 user is having issues when going to any websites over Global Protect. DNS lookup completes and the built-in Apps like Outlook, teams work over GP with no issues. The user is able to successfully authenticate with DUO MFA, the issue is only after the connection with GP.

 

We can see that the client is being identified as "domain\username" in Monitor > Traffic logs when the client is having issues accessing the website using the web browser. 

 

But under monitor > traffic logs when the same user is identified as just "username" on the firewall we can see that she was able to access Outlook/Teams.

 

In checking authd.log when she connects with DUO MFA, we can see teh client is recognized just as "username". We would like to understand why sometime firewall is seeing the user as "domain\username" and sometimes "username" only.

 

Under Policy we have "Any" so nothing gets dropped on Firewall but still client is not able to access the websites. All other working users are being identified as "username" and no one have any issues. Already tried to clear user-mapping but this did not help.

 

Username Modifier is set to %USERINPUT%.

 

Is there anything we can check or make sure that the user-id would be consistent or to understand why this is happening with 1 user only.

 

 

 

GlobalProtect 

0 REPLIES 0
  • 127 Views
  • 0 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!