Alto MS Series User Manual Page 88
- Page / 108
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
84 Getting Started Guide
Verify the User-ID Configuration Configure User Identification
Verify the User-ID Configuration
After you configure User Identification and enable User-ID on your security policies and Captive Portal policies,
you should verify that it is working properly.
Verify the User Identification Configuration
Step 1 Verify that group mapping is working. From the CLI, enter the following command:
admin@PA-200>show user group-mapping statistics
Step 2 Verify that user mapping is working. If you are using the on-device User-ID agent, you can verify this
from the CLI using the following command:
admin@PA-200>show user ip-user-mapping-mp all
IP Vsys From User Timeout (sec)
--------------------------------------------------------------
192.168.201.1 vsys1 UIA acme\louis 210
192.168.201.11 vsys1 UIA acme\eileen 210
192.168.201.50 vsys1 UIA acme\kimberly 210
192.168.201.10 vsys1 UIA acme\administrator 210
192.168.201.100 vsys1 AD acme\administrator 748
Total: 5 users
*: WMI probe succeeded
Step 3 Test your security policy. • From a machine in the zone where User-ID is enabled, attempt to
access sites and applications to test the rules you have defined in
your policy and ensure that traffic is being allowed and denied as
expected.
• You can also use the test security-policy-match
command to determine whether the policy is configured correctly.
For example, suppose you have a rule that blocks user duane from
playing World of Warcraft, you could test the policy as follows:
test security-policy-match application worldofwarcraft
source-user acme\svogt source any destination any
destination-port any protocol 6
"deny worldofwarcraft" {
from corporate;
source any;
source-region any;
to internet;
destination any;
destination-region any;
user acme\duane;
category any;
application/service worldofwarcraft;
action deny;
terminal no;
}
- Palo Alto Networks 1
- Contact Information 2
- About this Guide 2
- Table of Contents 3
- Table of Contents 4
- Management Network 5
- Perform Initial Configuration 6
- 4 Getting Started Guide 8
- 6 Getting Started Guide 10
- 8 Getting Started Guide 12
- Activate Firewall Services 13
- Manage Content Updates 15
- 12 Getting Started Guide 16
- Install Software Updates 17
- 14 Getting Started Guide 18
- Add Firewall Administrators 19
- How to Configure 20
- 18 Getting Started Guide 22
- Monitor the Firewall 23
- View Local Log Data 24
- View Reports 25
- Set Up Email Alerts 27
- Set Up SNMP Trap Destinations 27
- 24 Getting Started Guide 28
- Define Syslog Servers 29
- 26 Getting Started Guide 30
- Forward Logs to Panorama 31
- Enable Log Forwarding 31
- 28 Getting Started Guide 32
- Create the Security Perimeter 35
- Security Perimeter Overview 36
- Virtual Wire Deployments 37
- Layer 2 Deployments 37
- Layer 3 Deployments 37
- About Security Policies 38
- Optional 40
- Policy Best Practices 41
- About Policy Objects 41
- About Security Profiles 42
- Getting Started Guide 39 43
- Set Up Interfaces and Zones 44
- 42 Getting Started Guide 46
- Configure NAT Policies 47
- 44 Getting Started Guide 48
- 46 Getting Started Guide 50
- Create Security Rules 52
- 50 Getting Started Guide 54
- Test Your Security Policies 55
- Getting Started Guide 53 57
- Monitor > Logs 57
- Enable WildFire 59
- Scan Traffic for Threats 59
- Control Access to Web Content 59
- Set Up File Blocking 64
- Continue to 66
- 64 Getting Started Guide 68
- For More Information 69
- Configure User Identification 71
- User Identification Overview 72
- About User Mapping 73
- PAN-OS XMLAPI Usage Guide 74
- Enable User Identification 75
- 72 Getting Started Guide 76
- Map IP Addresses to Users 77
- Configure User Mapping 78
- Captive Portal Modes 81
- Configure Captive Portal 82
- 80 Getting Started Guide 84
- 82 Getting Started Guide 86
- Getting Started Guide 85 89
- Monitor > Logs) 89
- Set Up High Availability 91
- HA Overview 92
- Getting Started Guide 89 93
- Failover Triggers 94
- HA Timers 94
- 92 Getting Started Guide 96
- Getting Started Guide 93 97
- Configuration Guidelines 98
- 96 Getting Started Guide 100
- 98 Getting Started Guide 102
- 100 Getting Started Guide 104
- Click Commit 106
- Verify Failover 107
- Getting Started Guide 108
© 2020, manymanuals.com. All rights reserved. | 3.409 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals