Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
minhhaivietnam
Contributor

Application and URL filtering not recognize different users on same machine

Dear All,

I have firewall internet R80.10 running Application &URL filtering blade.
I created internet access policy for users in company (PC running windown10)
Example:
Peter-------Can go internet with URL1,2,3,4 (I call URL_SET01)

John----------Can go internet with URL5,6,7,8 (I call URL_SET02)

Peter,John... are accounts I get from AD server via indentity awareness blade.
Everythink is working ok.

The problem is that: when Peter uses his AD account to login PC_of_John, then Peter logout,
then John logon his PC again=> Then John can not access website URL_SET02.
I search in smartlog, column "Source User Name" shows all users who have loged in PC of John.

Like this:

user1.png

I try to restart PC then sometime the thing works ok, sometime not.
Please help what we can do on firewall to solve this.


THANKS!!!

 

 

 

0 Kudos
Reply
2 Replies
Maarten_Sjouw
Champion
Champion

On your gateway go to the settings of Identity Awareness and click on the settings button for Active Directory Query.
You will get a window with the user/machine association time, which defaults to 720 minutes.
Change this time, when you have this user change per PC happening a lot, to a lower time.
Also the setting 'Assume 1 user per computer' can be unticked to make sure this is not bugging you.
Regards, Maarten
0 Kudos
Reply
Chris_Atkinson
Employee
Employee

If you need this to be more precise the prefered solution is the Identity Agent installed on the client PC.

0 Kudos
Reply