cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

668
Views
0
Helpful
2
Replies
josh.green
Beginner

PassiveID integration with ASA

Hi all,

 

Just a quick general query, I'm looking at integrating PassiveID into our network (allowing firewall rules based on AD groups instead of IP) 

 

I can see this is possible via the FMC/FTD deployments but I can't find anything specific online which states we can do this on an ASA. Has anyone had any experience of this before? If so, can you link me to the documentation if possible?

 

Thanks,

Josh

1 ACCEPTED SOLUTION

Accepted Solutions
Marvin Rhoads
VIP Community Legend

Using identity in ASA policies is limited to integration done via some legacy tools (AD Agent). Here's a guide on configuring and using it:

https://community.cisco.com/t5/security-documents/asa-idfw-identity-firewall-step-by-step-configuration/ta-p/3127806

ISE integration (with our without PassiveID) is not supported.

View solution in original post

2 REPLIES 2
Marvin Rhoads
VIP Community Legend

Using identity in ASA policies is limited to integration done via some legacy tools (AD Agent). Here's a guide on configuring and using it:

https://community.cisco.com/t5/security-documents/asa-idfw-identity-firewall-step-by-step-configuration/ta-p/3127806

ISE integration (with our without PassiveID) is not supported.

View solution in original post

Thanks Marvin. That link and your additional input is very useful.

 

 

 

 

Create
Recognize Your Peers
Content for Community-Ad