Solved: thanks guys, i solved this

tatostian1 · ‎07-14-2016

Dear all

I have This Scenario

I can Block Facebook, youtube for all users with a policy, But when try allow traffic specific users groups of Active directory, this allow traffic for all users, same if try with a network. if remove the group this block the URL

Regard

Sebastian

michaellperrin · ‎07-18-2016

Are you using either the Sourcefire agent or ISE for ip-user mappings?

View solution in original post

ankojha · ‎07-14-2016

Hi,

Could you verify if the config is according to the below document :

http://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/200329-Configure-Active-Directory-Integration-w.html

Thanks,

Ankita

michaellperrin · ‎07-18-2016

Are you using either the Sourcefire agent or ISE for ip-user mappings?

tatostian1 · ‎07-19-2016

I use the SourceFire Agent, This must be installed on each user's machine?

or only Active directory Server?

michaellperrin · ‎07-19-2016

Just needs to be on any PC that has access to the AD.

Under the table view of the connection events do you see the user name under Initiator User or does it say Unknown?

tatostian1 · ‎07-20-2016

thanks guys, i solved this with network policy, for the moment

regards

Controlling Traffic Based on Users Firepower on asdm