eun_internal_group Identification Profile Information
Does anyone have any information on eun_internal_group Identification Profile? Can't find any info on it.
Trying to troubleshoot an issue with Identifty profiles in WSA where the identity Profile is being matched on that.
If it wasnt matching any of the profiles I had created it should match on DefaultIdentification profile. But with this particular trace its showing up as matching on eun_internal_group Identification Profile and being blocked.
I have tried creating a new profile for unauthenticated users at the top of the profiles list going to the site in question and it still not matching and showing up as matching identification profile eun_internal_group.
eun_internal_group is actually a internal built in identification in the WSA to itself. This nomally occurs when it is trying to redirect the traffic to itself such as for the appliance to display its internal notification page or block page.
Does you identity has End-User Acknowledgement enabled and is it been configured correctly?
In order to dig this deeper, would require the accesslogs, configuration of Identity and EUN or configuration file and possible remote tunnel access to the appliance service level. Since these are sensitive information, would recommend to open a Cisco TAC case for the engineer to assist you in the troubleshooting.
I can see in the logs that an unauthenticated user is being denied from accessing the pac file which is hosted on the WSA.
When i ran a trace I can see it blocked with identification profile: eun_internal_group and access policy Global access policy.
I've tried adding the http://WSAHostname/pacfilename,pac to the no authentication group so anyone should be able to get to it. Also tried creating a new identity and policy at the top of the policies to allow anyone to get to that location.
The trace doesnt pick up the changes I have done. Just blocks it.
Meet the Authors Event - CCIE Security in a Remote and Cloud Driven Network: SASE and Beyond
(Live event – Thursday, 29th, 2021 at 10:00 a.m. Pacific / 1:00 p.m. Eastern / 7:00 p.m. Paris)
This event will have place on Thursday 29th, April 2021 at 10...
Application Protection, Availability & Security
Join our webinar May 6th to gain valuable industry insights into the most recent application cyber attacks and to understand the potential impact bot traffic is having on your business.
The purpose of this document is to demonstrate how ISE authenticate / authorize a user that uses a smart card (PIN + Certificate) and password mechanism to login their system. This document describes the components used for this setup, configuration of IS...
For all versions of the Email Security Appliance (ESA) and Security Management Appliance (SMA), some Secure Sockets Link (SSL) certificates issued from the QuoVadis root certificate authority (CA) trust chain before 2021-03-31 cannot b...