cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
238
Views
0
Helpful
2
Replies

FMC / FTD restrict access based on user, no AD

paul-d
Level 1
Level 1

Hi there,

We have FMC with a 1010 FTD, I'm looking to be able to apply web restrictions such as safesearch and social media to specific users however we don't have AD is it possible?

A little context, this is for a public library, we have an adults and children's squid proxy server where we can restrict access to inappropriate content for the kids, while allowing relatively unrestricted access for adults. We don't have any AD servers and are looking at decommissioning the squid proxy servers.

Do you have any recommendations? 

2 Replies 2

I think that start by assign static IP for some user 

then permit IP <User allow> URL 

deny IP ANY ANY URL 

MHM

Marvin Rhoads
Hall of Fame
Hall of Fame

As implied by the earlier response, you would need to know the IP address or subnet of the user(s) whose access you want to restrict or allow.

When a Cisco firewall has identity integration (via AD and/or ISE), those external systems provide that mapping of user identity (or group) to IP address. Without that, the firewall only has the source IP address to go by when evaluating policy.

Review Cisco Networking for a $25 gift card