topic Yes, I am aware of that. I in Network Security

RADIUS authentication user mapping

ammann9113 — Sun, 10 Mar 2019 13:45:20 GMT

Hello everyone

I've set up my WLAN authentication via a Windows NPS server. The NPS server is also a domain controller in my domain, which is monitored by the FirePOWER user agent.

Now, my goal was to get the user who authenticates to the wireless lan mapped in the FMC. Unfortunately though the authentication does not show up in the FMC at the "user activity"-tab. "Normal" Windows-logons show up just fine.

So, am I missing something? Or even, is this not supported?

Thanks!

I don't think this is

Philip D'Ath — Sat, 21 Jan 2017 04:28:35 GMT

I don't think this is supported. The user agent watches for user logon/logoff events. NPS wont generate these kinds of events. I don't see how it could work.

HOWEVER, once the user is attached to WiFi and attempts to access a Windows resource they should authenticate against AD at that point in time - and Firepower will pick this up.

Yes, I am aware of that. I

ammann9113 — Thu, 26 Jan 2017 12:36:36 GMT

Yes, I am aware of that. I was just hoping to get user data on my Apple devices too...

Maybe there's a way to manipulate or (re-)create the Windows events and trick the FMC into thinking it saw a legit logon...