https://community.cisco.com/t5/network-security/terminal-server-agent-for-sourcefire/m-p/3093573#M1014908 <P>There are some older posts about this but I didn't really want to chime in on something that was a year old. &nbsp;We use Terminal Servers on our network for remote employees who connect over a VPN. &nbsp;As it stands, I have one URL filtering rule created against the IP addresses of those Terminal Servers rather than using group membership. &nbsp;With the release of the Terminal Server agent, I'm considering deploying it to the terminal servers but last I checked (pre 6.x) the agent was going to require captive portal being configured. &nbsp;Having just went through some of the documentation, I don't see any references to using captive portal for the terminal server agent. &nbsp;I just wanted to confirm that the terminal server agent can be used along side passive authentication (LDAP / AD) and doesn't require a captive portal? &nbsp;</P> <P></P> <P>Any feedback on gotchas or issues so far?&nbsp;</P> Tue, 12 Mar 2019 13:29:13 GMT Christopher Bell 2019-03-12T13:29:13Z https://community.cisco.com/t5/network-security/terminal-server-agent-for-sourcefire/m-p/3093573#M1014908 <P>There are some older posts about this but I didn't really want to chime in on something that was a year old. &nbsp;We use Terminal Servers on our network for remote employees who connect over a VPN. &nbsp;As it stands, I have one URL filtering rule created against the IP addresses of those Terminal Servers rather than using group membership. &nbsp;With the release of the Terminal Server agent, I'm considering deploying it to the terminal servers but last I checked (pre 6.x) the agent was going to require captive portal being configured. &nbsp;Having just went through some of the documentation, I don't see any references to using captive portal for the terminal server agent. &nbsp;I just wanted to confirm that the terminal server agent can be used along side passive authentication (LDAP / AD) and doesn't require a captive portal? &nbsp;</P> <P></P> <P>Any feedback on gotchas or issues so far?&nbsp;</P> Tue, 12 Mar 2019 13:29:13 GMT https://community.cisco.com/t5/network-security/terminal-server-agent-for-sourcefire/m-p/3093573#M1014908 Christopher Bell 2019-03-12T13:29:13Z https://community.cisco.com/t5/network-security/terminal-server-agent-for-sourcefire/m-p/3093574#M1014915 <P>Terminal Server Agent is supported since 6.2.0. Captive portal is not required and passive authentication may be used. TSA assigns a source port range to every user and communicates its ip address + src port range for each user to FMC using REST so your sensor knows the correct user:ip:port mapping to apply identity based rules.</P> <P></P> <P>As for issues I am only aware of&nbsp;<SPAN>CSCve61048.</SPAN></P> <P><SPAN></SPAN></P> <P><SPAN>regards</SPAN></P> <P><SPAN>Oliver</SPAN></P> Tue, 15 Aug 2017 21:03:40 GMT https://community.cisco.com/t5/network-security/terminal-server-agent-for-sourcefire/m-p/3093574#M1014915 Oliver Kaiser 2017-08-15T21:03:40Z