Who Me Too'd this topic

Who Me Too'd this topic

ghafari47057
L1 Bithead

User-ID suddenly stops recognizing Users

I'm using PA-5020 as a Perimeter firewall with User-ID implementation for 5000+ users with multiple User-ID Agents across network.


Palo Alto Version : 7.1.8
User-ID Agent Version : 7.0.7-13

 

Problem i'm facing is the User-ID Agent, all of a sudden it stops recognizing users and it causes the users distruption in services accessing different applications. I'm monitoring this issue for a week now, i've upgraded my firewall from 7.0.x to 7.1.8 and User-ID agents from 6.x to 7.0.7-13 to mitigate this issue.
I've deployed a backup server also to overcome this issue that if server 1 doesn't recognize the user so it'll go to 2nd server. But still the issue exists.

Since my firewall policy is set that if the right policy doesn't hit, it falls to the policy which restricts access to all applications and denied applications gets block page and i get lots of requests from users complaining.

 

 Screen Shot 2017-06-28 at 11.12.41 AM.png

 

 

As shown in screenshot taken from my firewall.

 

Please suggest a fix to this issue.

 

Regards

 

 

Tags (2)
Who Me Too'd this topic