https://community.cisco.com/t5/network-security/firepower-user-identification/m-p/3034322#M145917 <P>From my understanding this is not possible with the user agent since it only parses the security log for login events and you wont see a logon event with your assigned anyconnect ip address but the radius client / ldap client which is ASA itself.</P> <P>If you need identity integration for AnyConnect, ISE would be the solution of choice.</P> Sat, 11 Mar 2017 09:25:30 GMT Oliver Kaiser 2017-03-11T09:25:30Z https://community.cisco.com/t5/network-security/firepower-user-identification/m-p/3034321#M145915 <P>Could someone please tell me if it is possible for remote vpn users (anyconnect users) that authenticated using LDAP in full tunneling mode are redirected to sfr module and then hitting the same access rule when those users connected through LAN? As I know, the user agent only monitor the login events of domain controller, but the ip-user mapping of vpn users will not be populated within the login events, right?</P> <P>Thanks in advance.</P> Tue, 12 Mar 2019 09:02:16 GMT https://community.cisco.com/t5/network-security/firepower-user-identification/m-p/3034321#M145915 romi.darmawan1 2019-03-12T09:02:16Z https://community.cisco.com/t5/network-security/firepower-user-identification/m-p/3034322#M145917 <P>From my understanding this is not possible with the user agent since it only parses the security log for login events and you wont see a logon event with your assigned anyconnect ip address but the radius client / ldap client which is ASA itself.</P> <P>If you need identity integration for AnyConnect, ISE would be the solution of choice.</P> Sat, 11 Mar 2017 09:25:30 GMT https://community.cisco.com/t5/network-security/firepower-user-identification/m-p/3034322#M145917 Oliver Kaiser 2017-03-11T09:25:30Z