User-ID Agent Settings
- Panorama > Managed Collectors > User-ID Agents
A Dedicated Log Collector can receive user mappings from up to 100 User-ID agents. The agents can be PAN-OS integrated User-ID agents that run on firewalls or Windows-based User-ID agents. On a firewall with multiple virtual systems, each virtual system can serve as a separate User-ID agent. The Log Collector can then redistribute the user mappings to firewalls or the Panorama management server.
To configure a Dedicated Log Collector to connect to a User-ID agent,
Addone and configure the settings as described in the following table.
User-ID Agent Settings
Enter a name (up to 31 characters) to identify the User-ID agent. The name is case-sensitive, must be unique, and can contain only letters, numbers, spaces, hyphens, and underscores.
Enter the port number on which the User-ID agent will listen for User-ID requests. The default is port 5007 but you can specify any available port. Different User-ID agents can use different ports.
Some earlier versions of the User-ID agent use port 2010 as the default.
The collector that these fields refer to is the User-ID agent, not the Log Collector. The fields apply only if the agent is a firewall or virtual system that redistributes user mappings to the Log Collector. Enter the
Pre-Shared Keythat identify the firewall or virtual system as a User-ID agent. You must enter the same values as you did when configuring the firewall or virtual system to serve as a User-ID agent (see Redistribution).
Collector Pre-shared Key / Confirm Collector Pre-shared key
Select to enable the Log Collector to communicate with the User-ID agent.
Configure Access to User-ID Agents
Configure Access to User-ID Agents Each firewall and Panorama management server can connect to a maximum of 100 User-ID agents or User-ID redistribution points (or ...
Device > User Identification > User-ID Agents
Device > User Identification > User-ID Agents To map usernames to IP addresses, User-ID agents monitor various sources, such as directory servers. The agents send ...
Redistribute User-ID Information to Managed Firewalls
Redistribute User-ID Information to Managed Firewalls To ensure all the firewalls that enforce policies and generate reports have the required IP address-to-username mappings and authentication ...
Redistribution Device User Identification User Mapping Palo Alto Networks User-ID Agent Setup Redistribution To enable a firewall or virtual system to serve as a User-ID ...
Configure User-ID Redistribution
Configure User-ID Redistribution Before you configure User-ID redistribution: Plan the redistribution architecture. Some factors to consider are: Which firewalls will enforce policies for all users ...
User-ID Redistribution Using Panorama
User-ID Redistribution Using Panorama One of the key benefits of the Palo Alto Networks firewall is that it can enforce policies and generate reports based ...
Firewall Deployment for User-ID Redistribution
Firewall Deployment for User-ID Redistribution To aggregate User-ID information, organize the redistribution sequence in layers, where each layer has one or more firewalls. In the ...
Configure the Windows-Based User-ID Agent for User Mapping
Configure the Windows-Based User-ID Agent for User Mapping The Palo Alto Networks User-ID agent is a Windows service that connects to servers on your network—for ...
Install the Windows-Based User-ID Agent
Install the Windows-Based User-ID Agent The following procedure shows how to install the User-ID agent on a member server in the domain and set up ...