This document explains how to configure LDAP on ASA so that user has "monitor only" access to ASDM.
Ensure that you meet below mentioned requirements before implementation.
Define ASA as a AAA client on LDAP server.
Define the IP address and an identical shared secret key on the LDAP and ASA.
The information is based on below mentioned software and hardware versions:
All of the devices used in this document started with factory default configuration.
Configuration on ASA:
1.) AAA server configuration
2. LDAP attribute map configuration:
3. AAA configuration on ASA
User have configured the ASA CX and configured the Web filtering policies.
In the policies, he has created the user objects for each of his user with their IP address for the Source. But he need to integrate it with Active Directory which will be easy for him to add user in the object group by
their domain username. what will be the steps for it.
And also that can be easily identified in the event tab with that username, as for now its just showing me the IP of the user doing illegal surfing.
You will need to setup/install CDA instead. CDA provides several benefits over the older AD Agent such as, GUI interface for management, runs on its own VM - doesn't need to be installed on a DC, and
Windows 2012 support. Below is additional information regarding CDA for you to review: Once you install CDA on your network Please follow the installation guide for Active Directory Integration. Once you done, you can see the user name on access policy.
Hello All... I am trying to configure a 5545X ASA to use Interface 0/0 and 0/1 on port-channel 1 I am using ASA Interfaces 0/2-0/5 in port-channel 2 with my various networks in subinterfaces.(with matching vlans) on the port-channel 2. I ha...
Hello, our app samepage.io has been blacklisted and our clients using Cisco are complaining thay cannot access it. We are classified as malware which is wrong. We are a business collaboration platform, have been around for quite a while and we have no mal...
i have recently configured a azure to asa site to site policy base vpn. Devices on the inside subnet can reach azure subnet. But when i try to ping azure subnet from ASA it fails. This makes LDAP authentication to fail since the ASA cant reach the LDAP se...
Can the ASA can authenticate portal access on the firewall (non-firepower)? The ASA would have to intercept a https/http connection request to the public IP of the portal and shunt the request to an authentication service before allowing the traffic....