Before starting the integration, make sure the time on the WSA and the AD is in sync.
Step 1: Go to Network, Authentication and click on Add Realm.
Step 2: Type a Name, enter the AD servers and the domain name.
Step 3: Click on the option to Join Domain and enter the username and password of an account which has Domain Admin rights.
Step 4: Scroll down and click on Start Test to verify that the connection is created properly. If you see any errors, make sure they are corrected, then click on Submit.
Step 5: Now go to Web Security Manager, Identities and click on “Add Identity”.
Step 6: Add a name for the policy and scroll down to “Identification and Authentication”.
Step 7: Open the drop-down menu and select “Authenticate Users”. For the realm, select your AD Realm, and for Scheme select “Use NTLMSSP”, then click Submit.
Step 8: You can select the option “Support Guest Privileges” if you want to give limited access to users who fail authentication, such as non-domain users.
Step 9: Now go to Web Security Manager, Access Policy and click on “Add Policy”.
Step 10: Scroll down to “Identity and Users”, select the option “Select One or More Identities” and select the Identity created above.
Step 11: Now select the “Selected Groups” option to configure a group-based policy.
Step 12: Now click on “No group entered” and move the necessary groups under “Selected Groups”. Once finished, click on Done.
Step 13: Click on Submit and the policy will be configured. To configure URL Filtering, click on Global Policy under “URL Filtering” for this policy and select the categories under “Override Global Settings”.