cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


358
Views
0
Helpful
1
Replies
Highlighted
Beginner

Context Directory Agent ip-to-user mapping missing (or being removed unexpectedly)

Hello!

We have encountered a problem with our Identity Firewall scheme recently (it works on CDA, 4 Microsoft 2012R2 DCs and Cisco ASA as a consumer device). We've noticed that some ip-to-user mappings are missing on CDA although users are in domain and stay online. All 4 DCs are up and operational and send security log to CDA. No errors were noticed on CDA's Live Log. Finally we were able to find a couple of users that disappear from Ip-to-address mapping list for no reason. What is the condition of mapping removal from CDA and what could be the possible source of a problem?

P.S CDA ver 1.0.0.011 patch 5

BR,

Pavel

1 REPLY 1
Beginner

Problem is solved. The issue

Problem is solved. The issue was in test ASA device attached to CDA. It had unnecessary parameters (inactive and NetBIOS timers) because of which it sent mapping removal request to CDA. CDA then sent this request to production devices.

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here