AAA, NAC, Guest Access & BYOD

How to send UserID Updates to a particular instance of Palo Alto

Aruba Employee
Q:

How to send UserID Updates to a particular instance of Palo Alto

Clearpass can be integrated with Palo Alto to send userID updates. Palo Alto Firewall can have multiple Virtual systems which are logical firewall instances within a single Palo Alto Networks physical firewall. Each virtual system is an independent, separately managed logical firewall with its traffic kept separate from that of others.

 



A:


In Clearpass with Palo Alto integration, we add Palo Alto firewall in Endpoint Context servers. The default UserID post URL will be like below

https://{server_ip}/api/?type=user-id&action=set&key={key}&cmd={cmd}

The Post URL above will send the update to Virtual System1 by default. We need to make changes to the Post URL as below to send the userID update to a specific Virtual system

https://{server_ip}/api/?type=user-id&action=set&key={key}&vsys=vsys2&cmd={cmd}

 

Version history
Revision #:
2 of 2
Last update:
‎03-23-2017 12:09 PM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.