Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2579
Views
10
Helpful
3
Replies

FMC and ISE integration for passive authentication

Go to solution
Netgizmo86
Level 1
Level 1

‎07-19-2021 05:49 AM

Hi All,

   We are implementing passive authentication using ISE ,FMC and AD. Aim is to restrict user access based on membership of AD groups. As per my understanding FMC will get user-IP information from ISE through pxGrid and will also talk with AD directly to download group information etc.  ISE need to be integrated with AD so that user mapping information can be collected using probes.

Is there a latest configuration guide I can use as a reference? 


ISE <-----------AD ------->FMC
|                                                    |
|                                                    |
|                                                    |
->----------pxGRID---------->|

 

 

Many thanks

0 Helpful
1 Accepted Solution

Accepted Solutions
3 Replies 3

Go to solution
Netgizmo86
Level 1
Level 1

‎08-02-2021 01:50 AM

Thanks Balaji, that was helpful. If we have dedicated pxGrid server would you say it is better to have Passive ID service enabled on pxGrid server ?

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to Netgizmo86

‎08-02-2021 02:45 AM

i do not see major difference dedicated Pxgrid vs shared pxgrid, it shoud do the job as expected technically, but ever case is different.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents