06-08-2018 12:34 AM
Hi, I was initially trying to set up FTD with user control using active authentication; however, due to the active authentication certificate issue - CSCuz37162, I’m now looking at an alternative solution to do the same, whereby FMC will be getting passive identity from ISE and users get authenticated via the guest portal when joining the wireless.
The flow would be like this:-
Questions:
1. Would the above-mentioned work? As documented, ISE collects logon events from AD. Does this mean logon events from domain-joined PCs, or will AD user authentication via AD events get pushed to ISE too? (WiFi users will authenticate via the guest portal using an AD user; however, they do not have PCs that are joined to the domain.)
2. The customer uses a Ruckus WLC. Can Ruckus forward some kind of authentication logs to ISE via syslog for passive identity usage?
Thanks.
06-08-2018 07:15 AM
Hi,
I'm not sure number 1 would work because it isn't an actual "logon" event even if the computer is domain joined. I think question 2 is feasible as ISE / ISE-PIC could use the syslog messages to generate a passive ID session that could then be shared with FMC. The only question is whether or not Ruckus sends RFC-compliant syslog messages. If they do, then it should work.
Regards,
-Tim
03-20-2019 04:11 AM
Hi,
Has this problem been resolved? We are trying to implement the same scenario for similar Firepower Captive Portal reasons:
sending AD user info to FMC with the ISE Guest Portal via the ISE PIC service. We did it and we have come almost to the end, but we are seeing unknown users in the Connection Events logs for the portal-authenticated users.
The interesting thing is, we can see AD users logged on through the portal in the FMC Users Activation, but the same user is shown as unknown in the connection event logs.
Why can't FMC write the users it sees in Users Activity to Connection Events?
I think the Cisco Firepower team should develop a little bit more related to captive portal, or getting user information from ISE Guest services.
This is a feature that should always be used.
Do you have any experience and suggestions for this?
Thanks, regards.
Murat
06-14-2019 02:34 PM
Hi,
Same scenario and same behaviour: the user in FMC is shown in Users Activity and the host profile but not in Connection Events.
Is it supposed to be like this, or could it be a bug?
Thanks
07-11-2019 01:08 PM - edited 07-11-2019 01:09 PM
This is not a bug; this feature is just not currently supported. FMC cannot get the user info from ISE Guest Service.
You can find it here
07-11-2019 03:56 PM