Palo Alto Networks Knowledgebase: How to define Access Domains for Administrators

How to define Access Domains for Administrators

Created On 02/07/19 23:53 PM - Last Updated 02/07/19 23:53 PM

Access domains can be defined under Device tab >

Use the Access Domain page to specify domains for administrator access to the firewall. The access domain is linked to RADIUS vendor-specific attributes (VSAs) and is supported only if a RADIUS server is used for administrator authentication.

When an administrator attempts to log in to the firewall, the firewall queries the RADIUS server for the administrator’s access domain. If there is an associated domain on the RADIUS server, it is returned and the administrator is restricted to the defined virtual systems inside the named access domain on the device. If RADIUS is not used, the access domain settings on this page are ignored.


Name: Enter a name for the access domain (up to 31 characters). The name is case-sensitive and must be unique. Use only letters, numbers, hyphens, and underscores

Vsys: Select virtual systems in the Available column and click Add to select them

owner: kalavi

  • Print
  • Copy Link

Choose Language