https://community.cisco.com/t5/network-security/cisco-firepower-ad-active-authentication-browser-internal-error/m-p/2958154#M1009162 <P>We are deploying Cisco Firepower Appliance to perform advanced url filtering and user authentication for user internet access. During deployment we faced a problem with active user http\https authentication using system-provided HTTP response page. After configuring Firepower system for active user http\https authentication according to instructions provided on cisco website(<A href="http://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/200329-Configure-Active-Directory-Integration-w.html#anc8" target="_blank">http://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/200329-Configure-Active-Directory-Integration-w.html#anc8</A>) users are redirected to http response page, but after entering correct user credentials in appropriate fields users get "Internal server error 500" in their browser and nothing happens. There are no any log entries about user authentication in events list and users can't access web pages. URL filtering is not an issue, we've put an explicit permit rule in access-policy list. SSL-inspection rule is active, and works properly. We're using default http response page.</P> Tue, 12 Mar 2019 13:12:37 GMT Osipov_DG 2019-03-12T13:12:37Z https://community.cisco.com/t5/network-security/cisco-firepower-ad-active-authentication-browser-internal-error/m-p/2958154#M1009162 <P>We are deploying Cisco Firepower Appliance to perform advanced url filtering and user authentication for user internet access. During deployment we faced a problem with active user http\https authentication using system-provided HTTP response page. After configuring Firepower system for active user http\https authentication according to instructions provided on cisco website(<A href="http://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/200329-Configure-Active-Directory-Integration-w.html#anc8" target="_blank">http://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/200329-Configure-Active-Directory-Integration-w.html#anc8</A>) users are redirected to http response page, but after entering correct user credentials in appropriate fields users get "Internal server error 500" in their browser and nothing happens. There are no any log entries about user authentication in events list and users can't access web pages. URL filtering is not an issue, we've put an explicit permit rule in access-policy list. SSL-inspection rule is active, and works properly. We're using default http response page.</P> Tue, 12 Mar 2019 13:12:37 GMT https://community.cisco.com/t5/network-security/cisco-firepower-ad-active-authentication-browser-internal-error/m-p/2958154#M1009162 Osipov_DG 2019-03-12T13:12:37Z https://community.cisco.com/t5/network-security/cisco-firepower-ad-active-authentication-browser-internal-error/m-p/3349490#M1009169 <P>Hi</P> <P>&nbsp;</P> <P>I would suggest to open TAC case for this problem. httpsd logs needs to be checked to find if there are errors on the web server which is throwing the page.</P> <P>Please also make sure that the firepower sensor has direct connectivity to AD server.</P> <P>&nbsp;</P> <P>Hope it helps,</P> <P>Yogesh</P> Thu, 15 Mar 2018 20:03:34 GMT https://community.cisco.com/t5/network-security/cisco-firepower-ad-active-authentication-browser-internal-error/m-p/3349490#M1009169 yogdhanu 2018-03-15T20:03:34Z