Forum Discussion
Greg_130338
Nimbostratus
NimbostratususerID to LeasePool IP Mapping
Hey all, I finally have my SSLVPN route domain working to force all my vpn traffic through our internal network. I am not translating any of the source addresses so each leased address in the lease p...
Marco_Bayarena_
Altostratus
AltostratusThere is a way to capture the end of session (logout, time-out or other reason) with this irule? I need this so the firewall will release the ip-to-username mapping.
BASH1Nimbostratus
NimbostratusIf your Palo is scanning the syslog entries as noted above... you can write a log line entry in the ACCESS_POLICY_COMPLETED event. This will catch the logouts, timeouts, and disconnects (disconnects will hit this event via idle timeout).
Advantage to using this event is that the APM session variables are still avalible.
If you are using a sideband to call the Palo's API, you will need to be creative; perhaps write the info to a table and make the API call in a different event. Note: "This event is triggered outside of flow context (similar to RULE_INIT) when a session goes away. The iRule commands which require a flow context (for e.g. TCP, HTTP and SSL commands) can not be used in this event."