Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
739
Views
0
Helpful
1
Replies

Adding multiple Active Directory(s) in firepower user agent

SuMyatLwin0903
Level 1
Level 1

‎09-27-2021 09:23 PM - edited ‎09-27-2021 09:29 PM

Hi All,

 

In my customer site, FMC is integrated with Active Directory (AD) to track the connection events with their respective AD usernames.

For this scenario, we used user agent installed on a separate VM and added primary AD and FMC address in this user agent. After setup, usernames in connection event logs can be seen.

For the next requirement, customer want to use multi-AD integration with user agent. If primary AD was down, secondary one should take over the action with user agent. My problem is that secondary AD doesn't work when active one is down and we can't see usernames in connection events even the same configurations in both ADs. AD failover works by itself. I doubt that multi-AD integration is not accepted by firepower user agent.

My customer is currently using ASA-5525X firepower series.

 

Hope your answers.

Su Myat Lwin

0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-28-2021 01:00 AM

A given User Agent can connect to multiple AD instances. Have you run the User Agent troubleshooting tool to investigate the problem?

https://www.cisco.com/c/en/us/td/docs/security/firesight/user-agent/25/config-guide/Firepower-User-Agent-Configuration-Guide-v2-5/ConfigAgent.html#80455

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card