Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
574
Views
0
Helpful
1
Replies

Integrate the AD | WSA applying incorrect policies

John
Level 1
Level 1

‎02-03-2016 12:04 AM

Hello Team,

Need your help. After we integrate the AD to WSA. It identifies the user/AD group correctly, but applies the wrong policy instead receives 'DefaultGroup'.

WSA S370 AsyncOS 8.0.8-113

Troubleshooting Done: "kick" the proxy from CLI -> diagnostic -> proxy -> kick to refresh the connections. Still the same even if we do this.

Labels:
0 Helpful
1 Reply 1

Handy Putra
Cisco Employee
Cisco Employee

‎02-03-2016 04:36 AM

Hi John,

Would recommend to contact TAC for this for them to analyse deeper and possible to check from remote tunnel access to check whats going on.

However we do have defect CSCuu49389 (fixed in latest GD release) that is similar behaviour that you mentioned and have certain cases the you need to issue multiple "proxy kick" command that you did before to resolve it (have some cases that it will not fix it if only perform one "proxy kick" and need to do it few times.

Also please make sure that there is no configuration mis-match for this and make sure the correct user is listed in the accesslogs and there are policy configure for this user/user group.

Regards

Handy Putra

0 Helpful
Customers Also Viewed These Support Documents