AD Agent and Firepower - Users not showing in any groups
We have AD agents used on windows controllers and rules in the FIrepower to allow users in certain groups to get to certain internet sites.
Since initial implementation of this we have seen issues where users loose access to the internet and get access denied page when they try to access anything. They say they are just browsing the internet and suddenly they are presented with a page saying they are not authorized and cant access anything.
On checking the logs for the user I cant see any user information or group information, just an IP.
Has anyone seen similar issues with Firepower AD agent?
If i have the user do a reboot of their system and log back in it seems to resolve the issue.
Does anyone have any tips on how you can narrow down if it is an issue on the Domain Controller side and the Agent or something within Firepower itself? I would like to get some useful information for cisco TAC while its happening, but i also need to fix it fast for the user.
It just seems very random - users in different locations, at different times of day, in different AD groups, no changes made on our end.
Meet the Authors Event - CCIE Security in a Remote and Cloud Driven Network: SASE and Beyond
(Live event – Thursday, 29th, 2021 at 10:00 a.m. Pacific / 1:00 p.m. Eastern / 7:00 p.m. Paris)
This event will have place on Thursday 29th, April 2021 at 10...
Application Protection, Availability & Security
Join our webinar May 6th to gain valuable industry insights into the most recent application cyber attacks and to understand the potential impact bot traffic is having on your business.
The purpose of this document is to demonstrate how ISE authenticate / authorize a user that uses a smart card (PIN + Certificate) and password mechanism to login their system. This document describes the components used for this setup, configuration of IS...
For all versions of the Email Security Appliance (ESA) and Security Management Appliance (SMA), some Secure Sockets Link (SSL) certificates issued from the QuoVadis root certificate authority (CA) trust chain before 2021-03-31 cannot b...