You can check all

Hrvoje Samec · ‎12-27-2016

Hello

is there a way to see user to IP address mapping, and users AD group membership on FirePower system. I have some problems with user identification and want to check whether correct information is propageted to the FirePower system. Also, should I look for this information on FirePower Management Center or on SFR module installed on the ASA.

Information like these could be easily collected and checked on competitor devices but I can't find any documentation how to do this on Cisco firewall.

Karsten Iwen · ‎12-27-2016

You can setup the FPUA (FirePower User Agent) which will collect these informations and provides them to the FP ManagementCenter.

Another way to get User-Awareness is to use the ISE to authenticate/identify your users and devices.

Hrvoje Samec · ‎12-27-2016

Hi Karsten, thank you for you answer but I have already installed and configured FPUA.

I am looking for a way to check if information from FPUA is (correctly) transfered to FPMC.
And also, I am looking for a way to check if FPMC correctly parsing information about user group membership (I have realm configured)

Aldair1994 · ‎07-21-2017

You can check all associations of User to IP by that way:

Running a Tool file on the same directory Firepower User Agent store its files. (C:\Program Files (x86)\Cisco Systems, Inc)
Executing that file, you can go to the User Map tab, and export a file of IPV4 or/and IPV6 mapped users, it generates a file that you can see which user is mapped from which IP addres

User to IP mapping on FirePower ASA