https://community.cisco.com/t5/web-security/cx-issue/m-p/2641560#M5489 <P>Hello All,</P><P>&nbsp;</P><P>I have deployed 5515-x ASA with IPS+AVC+WSE license in a client place.</P><P>&nbsp;</P><P>Have installed cisco prime security manager and configured web filtering policies as well for URL block and stuff. and its working fine.</P><P>&nbsp;</P><P>But when i integrate it with the AD and try to import user group and then use those user group in different policies and enable authentication on the Identity policy. I am getting prompts for user credentials when anyone tried to browse.</P><P>&nbsp;</P><P>But unfortunately the authentication doesnt get complete and it fails and the users cannot browse the internet.</P><P>&nbsp;</P><P>Any thoughts ?.</P><P>&nbsp;</P><P>Regards,</P><P>Matt</P> Wed, 18 Feb 2015 15:46:02 GMT mateen.padela 2015-02-18T15:46:02Z https://community.cisco.com/t5/web-security/cx-issue/m-p/2641560#M5489 <P>Hello All,</P><P>&nbsp;</P><P>I have deployed 5515-x ASA with IPS+AVC+WSE license in a client place.</P><P>&nbsp;</P><P>Have installed cisco prime security manager and configured web filtering policies as well for URL block and stuff. and its working fine.</P><P>&nbsp;</P><P>But when i integrate it with the AD and try to import user group and then use those user group in different policies and enable authentication on the Identity policy. I am getting prompts for user credentials when anyone tried to browse.</P><P>&nbsp;</P><P>But unfortunately the authentication doesnt get complete and it fails and the users cannot browse the internet.</P><P>&nbsp;</P><P>Any thoughts ?.</P><P>&nbsp;</P><P>Regards,</P><P>Matt</P> Wed, 18 Feb 2015 15:46:02 GMT https://community.cisco.com/t5/web-security/cx-issue/m-p/2641560#M5489 mateen.padela 2015-02-18T15:46:02Z https://community.cisco.com/t5/web-security/cx-issue/m-p/2641561#M5490 <P>Do you have CDA installed and configured? Your authentication policy is set to prompt for auth and it should be passive with CDA and AD.</P> Wed, 18 Feb 2015 23:16:23 GMT https://community.cisco.com/t5/web-security/cx-issue/m-p/2641561#M5490 Collin Clark 2015-02-18T23:16:23Z https://community.cisco.com/t5/web-security/cx-issue/m-p/2641562#M5491 <P>Hi Collin,</P><P>&nbsp;</P><P>i actually havent configured CDA because first i want to try the authentication. and CDA will help me with the user based logs.</P><P>&nbsp;</P><P>correct me if i am wrong.</P><P>&nbsp;</P><P>-Matt</P> Thu, 19 Feb 2015 07:05:54 GMT https://community.cisco.com/t5/web-security/cx-issue/m-p/2641562#M5491 mateen.padela 2015-02-19T07:05:54Z https://community.cisco.com/t5/web-security/cx-issue/m-p/2641563#M5492 <P>So you've added the CX to AD and when you hit the test button it's successful?</P> Fri, 20 Feb 2015 16:57:45 GMT https://community.cisco.com/t5/web-security/cx-issue/m-p/2641563#M5492 Collin Clark 2015-02-20T16:57:45Z https://community.cisco.com/t5/web-security/cx-issue/m-p/2641564#M5493 <P>Yes Collin. That's right. The server IP and login details once given and tested. Shows successful.</P> Fri, 20 Feb 2015 18:25:40 GMT https://community.cisco.com/t5/web-security/cx-issue/m-p/2641564#M5493 mateen.padela 2015-02-20T18:25:40Z