02-23-2018 03:17 PM
Hello all,
I have a requirement for the following and short of any draconian methods, I'm hoping that the PA GP will be able to answer.
These are PAN8.0.7 on 5520's in Active/Passive
I have a req to ensure that a user of GP is only allowed one GP session at a time. No sharing sessions or passwords. Options explored inlude a unique ldap group or unique tunnel to every user. This will scale poorly and create a nigthmare for management. Is there a better way? I've seen one thread discussing a Feature Request #4603 but I dont see any public ledger for this
Along with that, I'm looking for a way to generate a unique user ID per vpn session. I see there are timestamps for logins but these are granular to HHMMSS. I've chekced with PA TAC that they cannot be modified to display miliseconds, so using this as a unique ID is a hard sell, so I'd like to see a proper implementation.
I'm totally ready ti move to 8.1.0 when available, perhaps this release has the capabilities if not already there?
