Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
174
Views
0
Helpful
1
Replies

Microsoft AD security groups and ASA 5510

hdoan
Level 1
Level 1

‎09-01-2016 01:26 PM - edited ‎03-12-2019 01:13 AM

I have a web server on the inside and would like to allow only AD users or computers to access this web server from the Internet.  Is there a way I can tie AD security groups to an ASA access rule?

Thanks,

hdoan

Labels:
0 Helpful
1 Reply 1

Francesco Molino
VIP Alumni
VIP Alumni

‎09-01-2016 01:54 PM

Hi

yes you can do it. It's called IDFW (Identity Firewall). You need minimum 8.4.2 code and not supported on Windows 2003 R2.

You need to have access to Windows AD server as you have to install an agent.

Here is a great and simple post:

https://supportforums.cisco.com/document/80646/asa-idfw-identity-firewall-step-step-configuration

Thanks

PS: Please don't forget to rate and mark as correct answer if this answered your question


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card