Been working on ASA for a long time, and I have my first firepower 1010 appliance that I'm running the Firepower image on. Can't seem to get the RADIUS authentication for logging into web GUI working.
I've configured the RADIUS server group and RADIUS server. Tested access to the server OK. However, when I try to utilize my AD credentials, it keeps failing with "unable to authorize access". The windows NPS logs appears to show a successful authentication:
Network Policy Server granted full access to a user because the host met the defined health policy.
User:
Security ID: ADMINS\jdoe
Account Name: jdoe
Account Domain: ADMINS
Fully Qualified Account Name: xxxx.com/Users/John Doe
Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: -
Calling Station Identifier: -
NAS:
NAS IPv4 Address: 192.168.2.18
NAS IPv6 Address: -
NAS Identifier: -
NAS Port-Type: Virtual
NAS Port: -
RADIUS Client:
Client Friendly Name: RT-OFFICE-FW01
Client IP Address: 192.168.2.18
Authentication Details:
Connection Request Policy Name: Use Windows authentication for all users
Network Policy Name: Cisco admin auth network policy
Authentication Provider: Windows
Authentication Server: RADIUS-SERV.xxxx.com
Authentication Type: PAP
EAP Type: -
Account Session Identifier: -
Quarantine Information:
Result: Full Access
Extended-Result: -
Session Identifier: -
Help URL: -
System Health Validator Result(s): -
