12-08-2021 04:12 AM - edited 12-08-2021 04:14 AM
Hi,
I'm having a problem with the correct configuration of Remote Access VPN with Azure SAML on a Firepower appliance. How do I manage to create an access control rule based on the specific user that I'm connecting as through Microsoft? I've tried to set up realms with AD but it doesn't work. When I reconfigure remote access to authenticate through AD, rules based on users work without problem. I've noticed that when I connect through the Microsoft portal, the user that I'm connecting as isn't listed in "Active sessions", and in the logs it shows that traffic is blocked and the "initiator user" is "not found" (without decryption) or "Pending user" (with decryption enabled).
My question is, is it even possible to create access control rules based on users that I'm connecting as through the Microsoft portal?
12-10-2021 04:38 AM
No one?
12-12-2021 11:27 PM
Realm integration with on-premises AD and an identity policy (whether the source is ISE or User Agent) won't help when you are using Azure AD for authentication.
You should be picking up the user identity, though, from the VPN authentication. Do the usernames show up in the CLI command "show vpn-sessiondb anyconnect"?
12-14-2021 05:36 AM
Yes, they do, but not in 'active sessions' in FMC.
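As an added example (not from this thread or from Cisco), a small Python check that parses "show vpn-sessiondb anyconnect" output and flags VPN sessions whose assigned IP has no matching user in the FMC active-session list, which is the gap described above (the user authenticates, but traffic is logged with "initiator user: not found" and user-based rules never match). The CLI layout, field names and the FMC session list are constructed samples modelled on the real output, not captured from a device.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample modelled on "show vpn-sessiondb anyconnect" (layout approximated).
SAMPLE_SESSIONDB = """
Session Type: AnyConnect

Username     : jdoe                   Index        : 101
Assigned IP  : 10.20.0.5              Public IP    : 203.0.113.10
Protocol     : AnyConnect-Parent SSL-Tunnel DTLS-Tunnel
Group Policy : GP-AzureSAML           Tunnel Group : TG-AzureSAML
Login Time   : 10:12:33 UTC Wed Dec 8 2021
Duration     : 0h:05m:12s

Username     : asmith                 Index        : 102
Assigned IP  : 10.20.0.6              Public IP    : 198.51.100.7
Protocol     : AnyConnect-Parent SSL-Tunnel
Group Policy : GP-LDAP                Tunnel Group : TG-ADAuth
Login Time   : 10:15:02 UTC Wed Dec 8 2021
Duration     : 0h:02m:43s
"""

# Constructed: users FMC currently maps under Active Sessions, keyed by VPN-assigned IP.
# Only the AD-authenticated session is mapped, mirroring the symptom in the thread.
FMC_ACTIVE_SESSIONS = {"10.20.0.6": "asmith"}

# A line carries one or two "Key : value" pairs; pairs are separated by 2+ spaces
# followed by another key, so values with colons (Login Time) stay intact.
PAIR_SPLIT = re.compile(r"\s{2,}(?=\w[\w ]*?\s*:)")


def parse_sessiondb(text: str) -> List[Dict[str, str]]:
    """Return one dict of fields per session; a 'Username' line starts a new session."""
    sessions: List[Dict[str, str]] = []
    for line in text.splitlines():
        fields: Dict[str, str] = {}
        for chunk in PAIR_SPLIT.split(line.strip()):
            key, sep, value = chunk.partition(":")
            if sep:
                fields[key.strip()] = value.strip()
        if "Username" in fields:
            sessions.append({})
        if sessions:  # header lines before the first session are ignored
            sessions[-1].update(fields)
    return sessions


def unmapped_sessions(sessiondb: str, fmc: Dict[str, str]) -> List[Tuple[str, str, str]]:
    """List (user, assigned IP, tunnel group) for sessions FMC does not map to that user."""
    return [(s.get("Username", ""), s.get("Assigned IP", ""), s.get("Tunnel Group", ""))
            for s in parse_sessiondb(sessiondb)
            if fmc.get(s.get("Assigned IP", "")) != s.get("Username")]
```

Any session it returns is one whose traffic will hit user-based access control rules as an unknown user, so the tunnel group column is the first place to look for the difference between the working (AD) and non-working (SAML) authentication paths.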