>
    INC_PORTAL_CLIENTLESS_VPN_AUTH_ TIMEOUT_FAILURES_COUNT_EXCEEDED_ ABOVE_BASELINE_PER_PA_LOCATION
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma Access
    3. Prisma Access Incidents and Alerts Reference Guide
    4. AI-Powered ADEM Incidents
    5. INC_PORTAL_CLIENTLESS_VPN_AUTH_ TIMEOUT_FAILURES_COUNT_EXCEEDED_ ABOVE_BASELINE_PER_PA_LOCATION
    Download PDF
    Prisma Access

    INC_PORTAL_CLIENTLESS_VPN_AUTH_ TIMEOUT_FAILURES_COUNT_EXCEEDED_ ABOVE_BASELINE_PER_PA_LOCATION

    Table of Contents

    INC_PORTAL_CLIENTLESS_VPN_AUTH_ TIMEOUT_FAILURES_COUNT_EXCEEDED_ ABOVE_BASELINE_PER_PA_LOCATION

    Learn about the INC_PORTAL_CLIENTLESS_VPN_AUTH_TIMEOUT_FAILURES_COUNT_EXCEEDED_ABOVE_BASELINE_ PER_PA_LOCATION incident.

    Synopsis

    Portal authentication timeout failures are higher than twice the baseline for location <location-name>.
    Incident Codeā€”INC_PORTAL_CLIENTLESS_VPN_AUTH_TIMEOUT_FAILURES_COUNT_EXCEEDED_ABOVE_BASELINE_ PER_PA_LOCATION

    Required License

    AI-Powered ADEM

    Details

    Description
    Raise condition
    The incident is raised at the tenant, when the average authentication timeouts are more than twice the baseline for 45 minutes.
    Clear condition
    The incident is cleared at the tenant, when the average authentication timeouts are less than twice the baseline for 45 minutes.

    Correlated Alerts

    • AL_PORTAL_CLIENTLESS_VPN_AUTH_TIMEOUT_FAILURES_COUNT_EXCEEDED_ABOVE_ BASELINE_PER_PA_LOCATION
    • AL_PORTAL_CLIENTLESS_VPN_AUTH_SUCCESS_COUNT_DROPPED_BELOW_BASELINE_PER_ PA_LOCATION

    Remediation

    Check your authentication service availability on those services.
    • For on-premise authentication services (such as LDAP, Radius, or Kerberos), you can review audit logs for incoming user requests or login errors. If there is a lapse in incoming requests, take packet captures on the relevant network path.
    • For public authentication services (such as SAML or cloud LDAP or Radius services), review audit logs provided by your authentication service. If there is a lapse in incoming requests, check with your authentication provider for any ongoing outages.

    Recommended For You

    © 2024 Palo Alto Networks, Inc. All rights reserved.