cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1385
Views
0
Helpful
3
Replies

User to IP mapping on FirePower ASA

Hrvoje Samec
Level 1
Level 1

Hello

 

is there a way to see user to IP address mapping, and users AD group membership on FirePower system. I have some problems with user identification and want to check whether correct information is propageted to the FirePower system. Also, should I look for this information on FirePower Management Center or on SFR module installed on the ASA.

 

Information like these could be easily collected and checked on competitor devices but I can't find any documentation how to do this on Cisco firewall.

3 Replies 3

You can setup the FPUA (FirePower User Agent) which will collect these informations and provides them to the FP ManagementCenter.

Another way to get User-Awareness is to use the ISE to authenticate/identify your users and devices.

Hi Karsten, thank you for you answer but I have already installed and configured FPUA.

I am looking for a way to check if information from FPUA is (correctly) transfered to FPMC.
And also, I am looking for a way to check if FPMC correctly parsing information about user group membership (I have realm configured)

Aldair1994
Level 1
Level 1

You can check all associations of User to IP by that way:

Running a Tool file on the same directory Firepower User Agent store its files. (C:\Program Files (x86)\Cisco Systems, Inc)
Executing that file, you can go to the User Map tab, and export a file of IPV4 or/and IPV6 mapped users, it generates a file that you can see which user is mapped from which IP addres

Review Cisco Networking for a $25 gift card