Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1337
Views
0
Helpful
2
Replies

PassiveID integration with ASA

Go to solution
josh.green
Level 1
Level 1

‎09-22-2021 04:01 AM

Hi all,

 

Just a quick general query, I'm looking at integrating PassiveID into our network (allowing firewall rules based on AD groups instead of IP) 

 

I can see this is possible via the FMC/FTD deployments but I can't find anything specific online which states we can do this on an ASA. Has anyone had any experience of this before? If so, can you link me to the documentation if possible?

 

Thanks,

Josh

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-22-2021 05:44 AM

Using identity in ASA policies is limited to integration done via some legacy tools (AD Agent). Here's a guide on configuring and using it:

https://community.cisco.com/t5/security-documents/asa-idfw-identity-firewall-step-by-step-configuration/ta-p/3127806

ISE integration (with our without PassiveID) is not supported.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-22-2021 05:44 AM

Using identity in ASA policies is limited to integration done via some legacy tools (AD Agent). Here's a guide on configuring and using it:

https://community.cisco.com/t5/security-documents/asa-idfw-identity-firewall-step-by-step-configuration/ta-p/3127806

ISE integration (with our without PassiveID) is not supported.

0 Helpful

Go to solution
josh.green
Level 1
Level 1
In response to Marvin Rhoads

‎09-22-2021 07:36 AM

Thanks Marvin. That link and your additional input is very useful.

 

 

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card