Who Me Too'd this topic

Who Me Too'd this topic

L1 Bithead

User-id with internal portal

Hello community,

I have just started my journey to PA world and spend several days configuring global protect features.

I successfully configured portal for as internal point of connection for Global protect client.

Idea is to provide User-id information to firewall without VPN connection.


As result my GP client tells me that "you are connected to internal network" but under PA device I don't see user<->ip information. User-id based rules don't work. no information from "show user ip-user-mapping all."

1. Are there any additional steps required to enable User-id features. I enable it only at security zone level.

2. Would it be possible to have one portal but two gateways (ext, int) for internal (user-id provisioning only )  and external (vpnssl)  deployments. Or there are two portals external / internal are required ?


Thanks in advice !

Tags (1)
Who Me Too'd this topic