Currently, to allow staff to access restricted websites from the internet, I obtain their home IP address and enable an access rule to allow them to access that website. Unfortunately, their home IP addresses are dynamic and change periodically. I'm looking into allowing them access through my ASA based on their Active Directory credentials.
Under Identity Options in ASDM, I added an entry for my DC and when I click Test and enter credentials, the test is successful. So, under Access Rules, I modify the rule to allow any access from the internet, but I add certain users from AD. It doesn't work, however.
I'm not sure what I'm missing. I looked at the Identity Firewall documentation, but I'm not sure I need an AD Agent, it doesn't seem to be what I need for this scenario. Does anyone have any ideas or a link they can point me to? I have been searching, but I can't seem to find what I'm looking for.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...