Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

identity based firewall ignore (service) account

I have set up an identity based firewall configuration.

This all seems to work quite well, some issues still arise however:

  • policies with usergroups containing spaces (i.e. "Domain Users") are not correctly handled;
  • it seems that a process / service account or whatever running on a workstation and firing a kerberos ticket request deletes the ip - user mapping that was recorded for the user logging in.

 

The group names can be handled, but it would be absolutely great to find a way to ignore certain usernames in the ip-user mappings. For instance "Administrator" or "epo_service_account"

Does anyone know how to arrange this?

 

Thanks,

 

Bas

33
Views
0
Helpful
0
Replies
CreatePlease to create content