Enabling an access control list based on LDAP users


I would like to ask you something:

I have a Cisco ASA firewall with version 8.4 and I want to create an access control list to enable the internet only to users from a group from the LDAP server.

When I try to configure the access control list I write the source address and the destination address, but when I click on the "Users" field it says that I have to configure the Active Directory server and agent. I configured the AD Server and I can communicate with the LDAP server, but in AD Agent it asks me for a secret key, which I don't know what to type.

When I wrote a random secret key it accepted the rule and it read the group name from the LDAP, but the ACL doesn't work. It permits the internet traffic for the whole source subnet and not for the specific users (which must come from the LDAP) within the source subnet.

Does anyone have a clue on how to configure the AD Agent and the ACL rule?

Thanks in advance