06-08-2016 07:53 AM - edited 03-12-2019 12:51 AM
I have a problem with Cisco Firepower users not showing on ASA FirePOWER Reporting Page.
We have LDAP enabled, do we need to do more to be able to see the users in the reporting page?
06-08-2016 07:09 PM
LDAP and a connection to your AD domain allows you to retrieve groups and their membership. You can then use those objects in policies.
It does not map usernames to IP addresses. for that you need an identity source. The potential sources are Sourcefire User Agent, ISE or a captive portal. You also should have an identity policy.
Do you have any of those configured?
06-09-2016 06:49 AM
Thanks for the feedback, for now i only enabled LDAP, im new to the FirePOWER Setup
1. i need to install sourcefire agent on DC or any other Domain computer?
2. create a identity policy, how to that?
06-09-2016 07:00 AM
Hello Michael,
You can install user agent on any server (preferably AD )but make sure that server should be able to give the proper admin privileges to the user which manages the Firepower user agent and device also should be switched on .
User Agent Installation guide :-
http://www.cisco.com/c/dam/en/us/td/docs/security/firesight/user-agent/FireSIGHT-User-Agent-Configuration-Guide-v2-2.pdf
Steps to create identity policy :-
http://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Identity_Policies_and_Realms.html
pfa document for further refrence.
Rate if this answer helps you.
Regards
Jetsy
06-08-2016 10:21 PM
Hello Michael,
If you need to use user based access control policy and keep filter accordingly you must install the Firepower User agent with your AD and enable the communication in between.
Regards
Jetsy
06-09-2016 06:50 AM
Thanks for the feedback, for now i only enabled LDAP, im new to the FirePOWER Setup
1. i need to install sourcefire agent on DC or any other Domain computer?
2. create a identity policy, how to that?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide