PCNSE · Question #246
PCNSE Question #246: Real Exam Question with Answer & Explanation
The correct answer is A: port mapping. In environments with multi-user systems--such as Microsoft Terminal Server or Citrix environments--many users share the same IP address. In this case, the user-to-IP address mapping process requires knowledge of the source port of each client. To perform this type of mapping, you
Question
Which User-ID method should be configured to map IP addresses to usernames for users connected through a terminal server?
Options
- Aport mapping
- Bserver monitoring
- Cclient probing
- DXFF headers
Explanation
In environments with multi-user systems--such as Microsoft Terminal Server or Citrix environments--many users share the same IP address. In this case, the user-to-IP address mapping process requires knowledge of the source port of each client. To perform this type of mapping, you must install the Palo Alto Networks Terminal Server Agent on the Windows/Citrix terminal server itself to intermediate the assignment of source ports to the various user processes. For terminal servers that do not support the Terminal Server agent, such as Linux terminal servers, you can use the XML API to send user mapping information from login and logout events to User-ID. See Configure User Mapping for Terminal Server Users for configuration details. https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/user-id/map-ip-addresses-to- users/configure-user-mapping-for-terminal-server-users
Topics
Community Discussion
No community discussion yet for this question.