Palo Alto Networks Knowledgebase: Auth Failing when Firewall is Sending Username and Domain Name to RADIUS Server

Auth Failing when Firewall is Sending Username and Domain Name to RADIUS Server

3739
Created On 02/07/19 23:38 PM - Last Updated 02/07/19 23:38 PM
Device Management Initial Configuration Installation QoS Zone and DoS Protection
Resolution

Issue

Authentication failing when the Palo Alto Networks firewall is sending the usernames along with the domain name to RADIUS server, while the server expects the firewall to send only usernames.

 

Cause

By default, the firewall appends the domain name to the username in the authentication response if the domain is specified in the server profile.

 

Resolution

To disable sending the domain name in the authentication response, run the following operational command on the

firewall:

> debug authd use-domain no

owner: schaganti



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm41CAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language