I'm using a PA-5020 as a perimeter firewall with a User-ID implementation for 5000+ users, with multiple User-ID Agents across the network.
Palo Alto Version : 7.1.8
User-ID Agent Version : 7.0.7-13
The problem I'm facing is with the User-ID Agent: all of a sudden it stops recognizing users, and it causes the users disruption in services when accessing different applications. I've been monitoring this issue for a week now, and I've upgraded my firewall from 7.0.x to 7.1.8 and the User-ID agents from 6.x to 7.0.7-13 to mitigate this issue.
I've also deployed a backup server to overcome this issue, so that if server 1 doesn't recognize the user, it'll go to the 2nd server. But the issue still exists.
My firewall policy is set so that if the right policy doesn't hit, traffic falls to the policy which restricts access to all applications; denied applications get a block page, and I get lots of requests from users complaining.
This is shown in the screenshot taken from my firewall.
Please suggest a fix to this issue.