Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Identity firewall & usernames with @

Hi all,

I'm trying to configure ACLs using the Identity firewall on ASA 8.4.2.

I don't want to use the AD agents, but I will authenticate the users through radius, so the users appear as LOCAL\username and my access lists will have the format "access-list xxxx_in permit tcp user LOCAL\auser any host 1.1.1.1 eq www"

However, the problem is that the radius usernames have the format "username@domain.dom" and it seems that the ASA does not accept the '@' sign in the username.

So, when I try to setup eg:

object-group user myuser

     user LOCAL\test@mydomain.dom

I get:

ERROR: invalid user name 'test@mydomain.dom'

In the documentation it is stated that:

"The user_name can contain any character including [a-z], [A-Z], [0-9], [!@#$%^&()-_{}. ]"

Do you know if I can escape somehow the @ sign so that it is accepted?

Thanks,

John

241
Views
0
Helpful
0
Replies
CreatePlease to create content