12-27-2016 01:34 AM - edited 03-12-2019 01:42 AM
Hello
Is there a way to see user-to-IP address mapping and users' AD group membership on the FirePower system? I have some problems with user identification and want to check whether correct information is propagated to the FirePower system. Also, should I look for this information on the FirePower Management Center or on the SFR module installed on the ASA?
Information like this could be easily collected and checked on competitor devices, but I can't find any documentation on how to do this on a Cisco firewall.
12-27-2016 02:15 AM
You can set up the FPUA (FirePower User Agent), which will collect this information and provide it to the FP Management Center.
Another way to get User-Awareness is to use the ISE to authenticate/identify your users and devices.
12-27-2016 02:26 AM
Hi Karsten, thank you for your answer, but I have already installed and configured FPUA.
I am looking for a way to check if information from FPUA is (correctly) transferred to FPMC.
And also, I am looking for a way to check if FPMC is correctly parsing information about user group membership (I have a realm configured).
07-21-2017 01:31 PM
You can check all associations of user to IP this way:
Run the Tool file in the same directory where the Firepower User Agent stores its files (C:\Program Files (x86)\Cisco Systems, Inc).
After executing that file, you can go to the User Map tab and export a file of IPv4 and/or IPv6 mapped users. It generates a file in which you can see which user is mapped from which IP address.