I have a lab set up to test ACLs with AD users/groups.
3 VMware instances on one host machine:
Microsoft Server 2012 with Active Directory and DNS
Cisco Context Directory Agent
This host is connected to the "Server" interface of the firewall and both
DC/DNS = 192.168.1.100
CDA = 192.168.1.200
Windows 7 = Varied (change to test IP Mapping of CDA)
Host = 192.168.1.10
ASA = 192.168.1.1
I have full communication between all devices, firewalls disabled on host machines, and full any/any rules on the firewall to prevent any traffic from being blocked as I troubleshoot this.
The agent is connected up to the domain controller and does correctly map users to IPs as I log in/out.
The ASA has the agent configured and tests just fine when I use the Test button in ASDM.
From the ASA CLI I am able to query AD and pull a list of AD groups and users.
I have ACLs created that use the domain\user as the source with any/any, just trying to see if anything will match.
When I go to Monitoring > Identity > Users, the users that I have in the ACLs appear as inactive.
Any assistance with this would be greatly appreciated. Previously I had this lab set up with the AD Agent and was able to get this to work with on-demand mode but not full-download. Now with CDA I am unable to get either going.