Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1724
Views
5
Helpful
2
Replies

Connection event shows no user but user shows in active sessions

ryan14
Beginner
Beginner

‎01-05-2021 12:57 PM

In Firepower connection events, I see there are numerous connections that do not have any user. If I go to connection events and search the IP the user has, the user field shows no data. If I go to active sessions and search the same IP address, it shows the user. How do I go about getting the user to be populated in the connection events? I'm pretty sure this worked in earlier versions of Firepower.

 

Running Firepower 6.7 and ISE 2.6 patch 6.

Labels:
0 Helpful
2 Replies 2

Marvin Rhoads
VIP Community Legend VIP Community Legend
VIP Community Legend

‎01-14-2021 05:33 AM

Did you check your realm integration? Make sure you are able to download users and groups. That's in addition to your ISE identity source.

I had this issue recently with a Firepower 6.7. We ended up having to change the LDAP user name to not use the LDAP style DNs and instead use user@company.com style.

ryan14
Beginner
Beginner
In response to Marvin Rhoads

‎01-14-2021 11:45 AM

Thanks for that info. Yes I have the realm configured (when downloading it says it downloaded hundreds of users). The ldap user we have is also in the user@domain format as you described in the FMC Directory Username * field.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents