Hello,
I have palo alto integration setup for my clearpass. So the way I understand it is that as users authenticate it will hand the data over via xml to the Palo Alto Firewall.
We are only seeing that maybe 60% of users that authenticate are having their user-id sent over.
Not sure why Palo Alto is missing out on these, whether it is a Palo Alto setting, ClearPass, or a networking issue.
My question is, what could cause some user-id's that are authenticated to not be sent over/processed?
I have an example:
We have a user, I show he authenticated yesterday via ClearPass Access Tracker and Accounting. Under accounting I show him being issued the IP I see him having.
I can find that IP in the Palo Alto Firewall with no User data tied to it.
If I look up the IP in Airwave then I find the username by IP.
I assume it's setup correctly since some user-id data is sent over, just not all users.
These are users joining a wireless network, using ClearPass as a RADIUS.