SecuReporter: user always unknown. How to identify?

Hi, the SecuReporter always reports source user as unknown. Because all our deployments are based on Active Directory, how can we identify the users who are visiting the websites? We already have SSL VPN with Active Directory and security groups in production, so is it possible to use some sort of same method for user logging?

And based on the first question: can the USG translate/resolve the source IP to a DNS record? Because now we have to manually lookup the computers' source name every time we want to know more about a certain source IP.

Answers

  • Zyxel_EmilyZyxel_Emily Zyxel Official Agent Posts: 269  mod

    Hi @MpDay,

     

    The username from AD server is able to be shown on the SecuReporter.

     

    Here is the example for your reference.

    In SSL VPN, move “ad-users” to Selected User.


    Enable “Force all client traffic to enter SSL VPN tunnel”. It means SSL VPN users access the Internet through the ZyWALL.


    Create a content filter profile.

    Remember to log all pages.


    Create a new security policy rule and apply the content filter profile to this rule.

    If you use default Auth. Method, remember to add group ad to default method.


    SSL VPN is connected. The user type of “AMY” is ad-users.


    On SecuReporter, the ad-user “AMY” is shown on the list.


    For users in LAN, you need to enable web authentication in order to see usernames on SecuReporter instead of “unknown” user.


Sign In to comment.