FMC internal users

hossammahmoud1470 — Wed, 17 Jun 2020 11:21:09 GMT

I have FTD 1010 and mange it using FMC.

I want to add internal users to attach them to access policy to apply different web and app filter?

and i dont have AD or LDAB server

Re: FMC internal users

JohnLong3 — Wed, 17 Jun 2020 13:40:46 GMT

Hello,

Unfortunately, the FMC does not support a manual upload of users as it needs to be able to communicate with a user database and an identity source. In order to use users in the Access Control Policy rules, these things need to happen:

1) FMC needs to be connected to a AD or LDAP server in order to download the users (via Realm settings)

2) The FMC then needs to be connected to an "Identity Source", such as ISE or User Agent in order to get the user to IP mappings.

3) FMC then syncs what it knows about the user to IP mappings with the managed devices (in this case, the 1010) so that it can enforce policy rules based on user

For more information, please see the section of the FMC Configuration Guide called "Discovery and Identity" starting here - https://www.cisco.com/c/en/us/td/docs/security/firepower/650/configuration/guide/fpmc-config-guide-v65/create_and_manage_realms.html

topic FMC internal users in Network Security

FMC internal users

Re: FMC internal users