CommScope RUCKUS Community Forums

tony_cable · ‎11-06-2014

Hi

We have a Ruckus zonedirector 1100 and a Palo Alto firewall.

We have 3 wi-fi networks set up. In simple terms, one internal, two on a different network.

The zone director has a 10.35.x.x address, the other networks have a 172.16.x.x address. One of the network's requires the user's to log in via there active directory credentials, and i am trying to set up the palo alto to monitor this network so i can see who has done what.

I’m assuming that I connect the palo alto to the ruckus syslog somehow, but I can’t work out how to monitor the 172.16 network.

The internal network is monitoring fine (but then again it should, as it's on the same network and part of the active directory network), but the guest network i can't seem to monitor.

Can anyone point me in the right direction please.

If you need any further information regarding my set up, please let me know

Thanks

Tony

dilojunior · ‎01-27-2015

Got it.. awesome!
I tried to use Field Identifier, but don't remember why it didn't worked.
I'll do some tests later to check it out.

What is the PAN OS version you are using?

We have set on ZD at Log settings to Critical Events Only and at Diagnostics -> Debug Level only Client Association is checked.

Cheers!

tony_cable · ‎01-28-2015

I'm on 6.0.7 at the moment.

I've got the log settings the same, but it is sending a whole lot of logs to the PA.

It does appear to be working, but it doesn't appear to be mapping everyone, and some mappings are dropping off half way through the day (I've personally seen it with my mobile device), so I'm not sure if something isn't quite set up right, or so many logs are being sent it looses the mapping at some point during the day (but it is better than nothing at the moment!)

CommScope RUCKUS Community Forums

Ruckus and Palo Alto User-ID on Guest Network (two different network addresses)