06-13-2012 12:55 AM - edited 02-21-2020 04:40 AM
Hello,
We have a Cisco ASA 5520 with the CSC-SSM-10-k9 module.
ASDM Version : 6.4(5)
ASA Version : 8.4(2)
Content security version : 6.6.1125.0 (the last)
The Base and Plus Licences are ok
The traffic is scanned by this rule (In the CSC Setup/Traffic Selection for Scanning section) :
Interface Source Destination Service
Global any any ftp, http, pop3, smtp
I installed the Trend Micro Id Agent in ou Domain Controler (Windows 2008 R2 64 Bits)
In the web management, the agent communicate well with the CSC-SSM, i can see AD users/Groups.
I want to create profils by groups who are in our AD to block all sites except fews
In the User Id setting section all the DC are configured and login is ok
I created a user profile with the priority 1 who block all (www.*/) except few sites like www.cisco.com/* for example
Http Scanning is enabled
Url blocking and filtering is enabled
The rules are enabled
In the global url blocking, the option "Include user group policy" is checked
The url blocking with user policies works alternately
Nothing wrongs in the log files of ID agent, and the module.
Please can i have some help to make user poilcies works
Thanks by advance
Best regards
07-03-2012 11:45 AM
Please any help ???
07-17-2012 07:29 AM
Hi Philippe,
It can be something on the clients. Look this links.
https://supportforums.cisco.com/docs/DOC-12671#IDAgent_issues
http://www.cisco.com/en/US/docs/security/csc/csc66/administration/guide/csc8.html#wp1148631
att,
Claudio
07-18-2012 12:28 AM
Hi Claudio,
Thanks a lot for your answer,
I checked your links but everything is ok in log messages and firewall.
I still have problems :
- When I block trafic for a Group of users, in the log of CONTENT SECURITY CISCO ASA ASDM i can see the trafic blocking for user1 but it blocks the trafic for user5 why ? the module make mistakes in the LDAP GROUP
- I try only for my user, the blocking url filtering works only a few minutes ... why?
Thanks by advance,
Best regards
07-25-2012 07:27 AM
Hi,
I have another question.
All users log into a rds server under 2008 R2. The users have the same IP adresse (RDS server ip adress)
I read :
User classification cannot separate users that share an IP address. When users have the same IP address, user classification is not supported.
Is it the problem ?
Thanks by advance for an answer
Philippe HYVERNAT
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide