This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About DLONGPRÉ
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About DLONGPRÉ
02-01-2023
22Posts
4Likes
0Solutions
Feb 01, 2023Last Visited
User
Activity
User
Profile
Latest posts by DLONGPRÉ
| Subject | Views | Posted |
|---|---|---|
| 2322 | 09-30-2020 07:08 PM | |
| 1010 | 09-16-2020 08:30 AM | |
| 2701 | 08-28-2020 06:27 AM | |
| 10398 | 08-25-2020 11:19 AM | |
| 2779 | 08-25-2020 08:45 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 07-07-2020 03:58 PM | |
| 1 Like | 05-14-2020 09:15 AM | |
| 1 Like | 06-12-2020 10:15 AM | |
| 1 Like | 04-30-2020 06:07 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 8 Likes |
User Badges
Community Statistics
| Member Since | 01-08-2018 09:55 AM |
| Date Last Visited | 02-01-2023 10:57 PM |
| Posts | 22 |
| Total Likes Received | 4 |
09-30-2020
07:08 PM
@SteveCantwell Very good post Steve! So, the end goal of this is to "drop" packets by a DoS Policy, instead the Security Policy, isn't? I understand that "tagged" IP sources within the DAG have been already blocked once by the your Security Policy, right ? Very good stuff so far... I'm planning to use DAG associated with sinkhole DNS mechanism to block dynamically infected inside host. Thanks ! Dominic.
... View more
09-16-2020
08:30 AM
Is there limitation of the Alternate Username attribute that be used ? Per example, I'm using a extra attribute which is "uid" which is available in Microsoft AD User attribute. From tcpdump trace, I can see that FW ldap request and AD response properly with good value. However, the "show user user-attribute..." never display that attribute. Any clue? Yes, I have refreshed the group-mapping. Its look like the FW receive the attribute from ldap, but does nothing with it.
... View more
08-28-2020
06:27 AM
Okay, Captive Portal was not triggered because the destination was HTTPS, and SSL decryption is required for Captive Portal to "redirect" HTTPS traffic. Also, notice that UserID database is always updated with latest user account logged. That could cause problem in "big" environment where multiple accounts (normal, priviledge ..) are required to touch specific ressources. I think that dedicated firewall(s) or VSYS isolated from the "normal USERID Database" could be a solution to front specific secure environment, like critical database, PCI... etc.
... View more
08-25-2020
11:19 AM
Is it working with SAML + Azure MFA ?
... View more
08-25-2020
08:45 AM
It's not working. The user is never triggered with the captive portal auth page. I think, this is because the firewall is already aware of Bob account that came from User ID Agent. However, I want that auth rule is triggered to let user login with his priviledge account.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
02-01-2023
10:57 PM
|
Latest Tags
No tags yet
Likes From
| User | Likes Count |
|---|---|
| 1 | |
| 1 | |
| 1 | |
| 1 |
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks