The PA-500 has been upgraded to PAN-OS 3.1.6 . I don't see the captive_portal.log anymore under #tail mp-log I get the following errors in authd.log (does that cover both captive portal and admin?): admin@PA-500> tail mp-log authd.log Jan 11 16:06:32 User 'pek' failed authentication. Reason: Invalid username/password From: 10.1.0.2. Jan 11 16:06:32 pan_authd_send_auth_resp(pan_authd.c:1775): pan_authd_send_auth_resp Jan 11 16:06:32 pan_authd_send_auth_resp(pan_authd.c:1793): Sent the response to client Jan 11 16:07:41 pan_authd_loop(pan_authd.c:2101): Got a msg to authd Jan 11 16:07:41 pan_authd_loop(pan_authd.c:2111): recv'ed 1068 bytes from 127.0.0.1 Jan 11 16:07:41 pan_authd_service_req(pan_authd.c:1936): pan_authd_service_req() Jan 11 16:07:41 pan_authd_service_req(pan_authd.c:1954): Authd:get group request Jan 11 16:07:41 pan_authd_handle_group_req(pan_authd.c:1905): Got user role/adomain / for user admin Jan 11 16:07:41 pan_authd_handle_group_req(pan_authd.c:1918): Sending group response msg type 3, conv id 1, to 127.0.0.1 : 38525 Jan 11 16:07:41 pan_authd_handle_group_req(pan_authd.c:1923): Sent the auth group response to client The above log does not look like captive portal problems. On the GUI, under Monitor > System, I see two related error messages: 01/11 16:06:34 general informational general Captive portal authentication failed for user: pek on 10.1.0.2, vsys1 01/11 16:06:32 general informational auth-fail User 'pek' failed authentication. Reason: Invalid username/password From: 10.1.0.2. I've simplified my network configuration to be a star network (essentially flat where the the Palo Alto is in the middle doing routing between devices) and all active interfaces are in one zone. I'm still stuck trying to figure out why the radius server is not receiving authentication requests from the palo alto.
... View more