We have a Ruckus ZoneDirector 1100 and a Palo Alto firewall.
We have 3 Wi-Fi networks set up. In simple terms, one internal, two on a different network.
The ZoneDirector has a 10.35.x.x address; the other networks have a 172.16.x.x address. One of the networks requires the users to log in via their Active Directory credentials, and I am trying to set up the Palo Alto to monitor this network so I can see who has done what.
I’m assuming that I connect the Palo Alto to the Ruckus syslog somehow, but I can’t work out how to monitor the 172.16 network.
The internal network is monitoring fine (but then again it should, as it's on the same network and part of the Active Directory network), but the guest network I can't seem to monitor.
Can anyone point me in the right direction, please?
If you need any further information regarding my setup, please let me know.

I'm not familiar with Palo Alto FWs, but I know they can inspect packets to look for
viruses, etc. I don't know your router configuration or where the ZD connects into
the network. If you use three different VLANs to segment your three WLANs, and
can monitor your Internal 10.35.x.x, then does the PANW box have an interface on
your 10.35.x.x network too? If so, does it have another port that can connect to the
172.16.x.x VLAN/subnet? It may take an interface on the VLAN/subnet to do its
inspection/FW duties. I suspect you would have a PANW interface on 172.16.x.x
and would specify their IP as your AD server, if you are logging in guest users via
their AD. If they only want Syslog, you can point to any IP host as an external