View Cart
0 Items | Total: US$0.00
Welcome,      Register

You are here

SEC0227 - ASA Firepower 6.0 Passive and Active Authentication (Part 2)

Rating: 
0
No votes yet
Difficulty Level: 
4
Lab Document: 
<Please login to see the content>
Video Download: 
Title: SEC0227 - Video Download $14.00
Purchase SEC0227 - Video Download $14.00
The video walks you through two available methods of obtaining user identity on ASA Firepower 6.0; Passive and Active authentication. We will configure Passive authentication using Firepower User Agent to obtain User-to-IP mapping and enforce differentiated network access based on AD user group membership. We will also configure Active authentication as a backup method to obtain user identity from a non-domain computer.
 
Part 2 of this video covers Identity and Access control policy configuration
 
Topic:
  • Passive Authentication
    • Firepower User Agent
    • LDAP Integration
  • Active Authentication
    • ASA Captive Portal
  • Identity Policy
  • Access Control Policy

About Author

Metha Cheiwanichakorn, CCIE#23585 (RS, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new Cisco technologies.

4 comments

I can not seem to get the UA to report users to the management center. Running UA 2.3, MC is 6.0.1.2. I get all green in the Active Directory Servers dialog, and in the Firepower Management Centers tab. However, "Last Real-time Report" for AD never populates, and "Last Reported" for MCs never populates. Also, no users are learned on the MC. Any help would be greatly appreciated. Also, MC and UA are on the same subnet, Windows firewall is turned off, server is 2012 R2.

Please make sure you have correct LDAP search base where user is located as well as having the user groups downloaded. Without those, user may not show up on FPMC.

Rebooted FMC and ASA. Boom, everything is working now (even my captive portal, which wasn't before).

Of course.. Good old reboot fixes it :)    Thanks for update.

Lab Minutes Classifieds