Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
769
Views
0
Helpful
0
Replies

enabling an access control list based on ldap users

Elias Michalitsis
Level 1
Level 1

‎04-30-2012 06:17 AM - edited ‎03-11-2019 03:59 PM

Hi,

I would like to ask you something:

I have a cisco asa firewall with 8.4 version and i want to create an access control list to enable the internet only to users from a group from the ldap server.

When i try to configure the access control list i write the source address, the destination address, but when i click on the "Users" field it saids that i have to configure the active directory server and agent. I configured the AD Server, i can communicate with the ldap server but in AD Agent it asks me for a secret key, which i don't know what to type.

When i wrote a random secret key it accept the rule and it read the group name from the ldap, but the acl it doesn't work. It permits the internet traffic for the whole source subnet and not for the specific users (which must come from the ldap) within the source subnet.

Does anyone has an clue on how to configure the AD Agent and the acl rule?

Thanks in advance

Labels:
0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card