What is the Communication Direction for User-ID?

What is the Communication Direction for User-ID?

25167
Created On 09/26/18 13:53 PM - Last Modified 02/07/19 23:39 PM


Resolution

The direction of communication (who initiates the session) is needed for the following User-ID functionalities:

  1. TCP 389/636 [LDAP] for Group mapping connection between the Palo Alto Networks device and Domain controller.

    Direction: LDAP from Firewall to Domain Controller.

  2. TCP 5007 (or any configured port) between the Palo Alto Networks device and User-ID agent.

    Direction: 5007 [or any configured port] from firewall to Agent.

  3. TCP 5006 (or any configured port) connection between Agent and the User-ID script.

    Direction: 5006 [or any configured port] from where the script runs to the Agent.

owner: achitwadgi



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/kCSArticleDetail?id=kA10g000000Clxg&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FkCSArticleDetail

Attachments
Choose Language