12-10-2013 06:57 AM - edited 03-11-2019 08:15 PM
Hello,
Currently, to allow staff to access restricted websites from the internet, I obtain their home IP address and enable an access rule to allow them to access that website. Unfortunately, their home IP addresses are dynamic and change periodically. I'm looking into allowing them access through my ASA based on their Active Directory credentials.
Under Identity Options in ASDM, I added an entry for my DC and when I click Test and enter credentials, the test is successful. So, under Access Rules, I modify the rule to allow any access from the internet, but I add certain users from AD. It doesn't work, however.
I'm not sure what I'm missing. I looked at the Identity Firewall documentation, but I'm not sure I need an AD Agent, it doesn't seem to be what I need for this scenario. Does anyone have any ideas or a link they can point me to? I have been searching, but I can't seem to find what I'm looking for.
Thanks in advance!
Solved! Go to Solution.
12-10-2013 09:07 AM
Hello,
Yes, you will need the AD agent to run Identity Firewall.
You could also use Cut-Through Proxy for HTTP/HTTPS traffic and using LDAP for the authentication part.
That should do it bud.
Rate all of the helpful posts!!!
Regards,
Jcarvaja
Follow me on http://laguiadelnetworking.com
12-10-2013 09:07 AM
Hello,
Yes, you will need the AD agent to run Identity Firewall.
You could also use Cut-Through Proxy for HTTP/HTTPS traffic and using LDAP for the authentication part.
That should do it bud.
Rate all of the helpful posts!!!
Regards,
Jcarvaja
Follow me on http://laguiadelnetworking.com
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: