"No HIP report found" when selecting log details in Monitor > Logs > HIP Match

Created On 04/18/21 16:12 PM - Last Modified 04/15/25 23:25 PM


Symptom


  • HIP match logs are generated under Monitor > Logs > HIP Match, but selecting the log details brings up a "No HIP Report found" message.
  • The HIP report can be seen via the CLI.


Environment


  • GlobalProtect infrastructure configured
  • PAN-OS versions 8.1.17, 9.0.11, 9.1.5 and above
  • HIP feature configured


Cause


  • The username from the GUI carries the override domain, which was converted to the NetBIOS domain from the domain map. As a result, the HIP report file path was created using the wrong domain name and the HIP report file was not found.
  • The HIP report GUI/CLI issue is triggered only with the following configuration:
    • The User-ID group mapping has a NetBIOS domain.
    • The gateway authentication profile or certificate profile has an override domain configured that differs from the NetBIOS domain.
    • With SAML, the IdP has a domain configured that does not match the NetBIOS domain.


Resolution


  1. Run the command below and check the domain map on the firewall:
sanjaya@PA-VM-Sarad> debug user-id dump domain-map
sanjaya.com                                          : sanjaya >>>>>>>>>>
 vsys1 dc=sanjaya,dc=com

 
  2. Do not use the override domain configuration for GlobalProtect, or set the override domain to the same value as in the domain map (the NetBIOS domain, such as 'sanjaya' in the output above).
  3. The override domain is configured in the following places:
    • Under the authentication profile
    • Under the certificate profile
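
Added example, not from the original article or from Palo Alto Networks: Python that parses saved output of the domain-map command in the format shown above and flags override domains that do not match a NetBIOS domain from the map. The profile names and override values passed in are constructed, and the case-insensitive comparison is an assumption.

```python
import re

# Constructed sample, modelled on the `debug user-id dump domain-map` output shown above.
SAMPLE_DOMAIN_MAP = """\
sanjaya@PA-VM-Sarad> debug user-id dump domain-map
sanjaya.com                                          : sanjaya >>>>>>>>>>
 vsys1 dc=sanjaya,dc=com
"""

# A mapping line reads "<DNS domain> : <NetBIOS domain>"; trailing ">" marks are ignored.
MAP_LINE = re.compile(r"^(?P<dns>\S+)\s*:\s*(?P<netbios>[^\s>]+)")


def parse_domain_map(text):
    """Return {dns_domain: netbios_domain} from saved CLI output (lower-cased)."""
    mapping = {}
    for line in text.splitlines():
        if not line.strip() or line[0].isspace():
            continue  # skip blank lines and the indented vsys / base-DN lines
        match = MAP_LINE.match(line)
        if match:  # the CLI prompt line has no " : " pair and is skipped
            mapping[match.group("dns").lower()] = match.group("netbios").lower()
    return mapping


def check_override_domains(domain_map_text, overrides):
    """overrides: {profile_name: override_domain}, entered by hand from the
    authentication profile, certificate profile or SAML IdP settings.
    Returns a list of (profile, override, reason) for every mismatch."""
    mapping = parse_domain_map(domain_map_text)
    netbios_names = set(mapping.values())
    findings = []
    for profile, override in overrides.items():
        if not override:
            continue  # no override domain configured, nothing to mismatch
        value = override.strip().lower()  # assumption: compare case-insensitively
        if value in netbios_names:
            continue  # override equals a NetBIOS domain from the domain map
        if value in mapping:
            reason = f"DNS name used; domain map expects NetBIOS '{mapping[value]}'"
        else:
            reason = "not present in domain map"
        findings.append((profile, override, reason))
    return findings
```
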

