Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1037
Views
0
Helpful
1
Replies

ASA Active Directory permit rules

chris.jinks
Level 1
Level 1

‎04-29-2021 03:41 AM

Hi,

 

I'm looking at using a 5545-x with firepower to permit http/ https access to the internet for domain users or at least for a specific AD group,

 

I found this link https://community.cisco.com/t5/security-documents/asa-idfw-identity-firewall-step-by-step-configuration/ta-p/3127806 (ASA: IDFW (Identity Firewall) Step by Step configuration)

 

however its looks fairly old referring to server 2008, what is this the "modern" method to achieve my goal?

 

I have ISE, ASA, and firepower appliances if this helps

 

-Thank You

 

 

0 Helpful
1 Reply 1

Rob Ingram
VIP
VIP

‎04-29-2021 03:54 AM

@chris.jinks 

You mention you have ASA and firepower appliances, which software are you running ASA or FTD? The modern way is using ISE and FTD, you can configure a realm to retrieve AD groups and pxgrid integration to learn the IP/User bindings. You can then use AD groups in the FTD ACP to permit/deny traffic accordingly.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card