Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2782
Views
5
Helpful
5
Replies

FMC 6.0 - "No Authentication Required" when Realm/Identity policy in place

dbert
Level 1
Level 1

‎01-30-2016 10:46 PM - edited ‎02-21-2020 05:43 AM

I have a ticket open about this issue, but I am hoping to find an answer on here faster..

My LDAP/realm is configured properly, I can see who is logged into a specific host yet group filtering doesn't seem to be working..

In the summary charts, under traffic iitiated by user all I see is "No authentication required" meanwhile i've got a passive authentication identity rule in my main access control policy... anyone run into this issue?

4 people had this problem
0 Helpful
5 Replies 5

rodrigo.cisco
Level 4
Level 4

‎02-01-2016 11:33 AM

I getting the same problem. This have started after upgrade from 5.4 to 6. If you get the answer please let me know.

0 Helpful

rodrigo.cisco
Level 4
Level 4
In response to rodrigo.cisco

‎02-01-2016 01:03 PM

This problem happen only if using ISE as the Identity Server instead of FPUA (aka SFUA). Is there some way to continue with ISE with PxGRID and be able to create Identity Policies?

0 Helpful

Colin Edwards
Level 1
Level 1

‎02-12-2016 07:19 AM

I had this issue after upgrading to 6.0.  I didn't talk to TAC, but for me it was fixed as soon as I created an Identity Policy.  For me, in the policy I chose my Realm and selected Passive Authentication.  Then go edit your Access Control Policy, pick the Advanced Tab, and select your new Identity Policy.  Don't forget to push policy out to your sensors.

rodrigo.cisco
Level 4
Level 4
In response to Colin Edwards

‎02-16-2016 09:24 AM

I have already done this, but still doesnt work. The user information show as UnKnow. I have a TAC open but up to now they havent found the problem too.

0 Helpful

scott.mickelsonAMS
Level 1
Level 1
In response to Colin Edwards

‎05-30-2017 07:54 AM

Colin,

  This worked for me! I'm not using ISE, but have SFUA installed and was seeing No authentication required for all authentications and no user tracking was available in any reporting. Once I added this basic Identity Policy to my Access Controll Policy I am good to go.

Best Regards,

-Scott

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card