Configure The Identity Firewall; Configure The Active Directory Domain - Cisco ASA Series Configuration Manual

Firewall CLI, ASA Services Module, and the Adaptive Security Virtual Appliance

Configure the Identity Firewall

Note
Before running the AD Agent Installer, you must install the patches listed in the README First for the
Cisco Active Directory Agent on each Microsoft Active Directory server that the AD Agent monitors.
These patches are required even when the AD Agent is installed directly on the domain controller server.
To configure the Identity Firewall, perform the following tasks:

Step 1
Configure the Active Directory domain in the ASA.
See Configure the Active Directory Domain, page 5-10.
See also Deployment Scenarios, page 5-4 for the ways in which you can deploy the Active Directory servers to meet your environment requirements.

Step 2
Configure the AD Agent in ASA.
See Configure Active Directory Agents, page 5-13.
See also Deployment Scenarios, page 5-4 for the ways in which you can deploy the AD Agents to meet your environment requirements.

Step 3
Configure Identity Options.
See Configure Identity Options, page 5-14.

Step 4
Configure Identity-based Security Policy. After the AD domain and AD Agent are configured, you can create identity-based object groups and ACLs for use in many features.
See Configure Identity-Based Security Policy, page 5-18.

Configure the Active Directory Domain

Active Directory domain configuration on the ASA is required for the ASA to download Active Directory groups and accept user identities from specific domains when receiving IP-user mapping from the AD Agent.

Before You Begin
- Active Directory server IP address
- Distinguished Name for LDAP base DN
- Distinguished Name and password for the Active Directory user that the Identity Firewall uses to connect to the Active Directory domain controller

Before configuring the Active Directory server on the ASA, create a user account in Active Directory for the ASA.

Additionally, the ASA sends encrypted log-in information to the Active Directory server by using SSL enabled over LDAP. SSL must be enabled on the Active Directory server. See the documentation for Microsoft Active Directory for how to enable SSL for Active Directory.

Cisco ASA Series Firewall CLI Configuration Guide, Chapter 5: Identity Firewall
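
An added example, not taken from the Cisco guide: a Python check that reads an ASA configuration excerpt and reports LDAP aaa-server hosts that lack the prerequisites named in this section (base DN, login DN and password) or that do not have LDAP over SSL enabled. The sample configuration, server group names, addresses and DNs are constructed for illustration.

```python
import re

# Constructed ASA configuration excerpt (not from the Cisco guide); the group
# names, addresses and DNs are made up for this example.
SAMPLE_CONFIG = """\
aaa-server AD_GOOD protocol ldap
aaa-server AD_GOOD (inside) host 192.0.2.10
 ldap-base-dn DC=example,DC=com
 ldap-scope subtree
 ldap-login-dn CN=asa-idfw,OU=Service Accounts,DC=example,DC=com
 ldap-login-password *****
 ldap-over-ssl enable
 server-type microsoft
aaa-server AD_WEAK protocol ldap
aaa-server AD_WEAK (inside) host 192.0.2.11
 ldap-login-dn CN=asa-idfw,OU=Service Accounts,DC=example,DC=com
 ldap-login-password *****
 server-type microsoft
user-identity domain EXAMPLE aaa-server AD_GOOD
"""

REQUIRED = ("ldap-base-dn", "ldap-login-dn", "ldap-login-password")
PROTO_RE = re.compile(r"^aaa-server (\S+) protocol (\S+)")
HOST_RE = re.compile(r"^aaa-server (\S+) \((\S+)\) host (\S+)")

def audit_ldap_servers(config):
    """Return {(group, host_ip): [findings]} for every LDAP aaa-server host."""
    ldap_groups, hosts, current = set(), {}, None
    for line in config.splitlines():
        if m := PROTO_RE.match(line):
            if m.group(2).lower() == "ldap":
                ldap_groups.add(m.group(1))
            current = None
        elif m := HOST_RE.match(line):
            current = hosts.setdefault((m.group(1), m.group(3)), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())   # subcommand of the current host
        else:
            current = None                 # any other top-level command
    report = {}
    for (group, ip), subs in hosts.items():
        if group not in ldap_groups:
            continue                       # not an LDAP server group
        findings = [f"missing {k}" for k in REQUIRED
                    if not any(s.startswith(k + " ") for s in subs)]
        if "ldap-over-ssl enable" not in subs:
            findings.append("ldap-over-ssl not enabled")
        report[(group, ip)] = findings
    return report
```

Calling `audit_ldap_servers(SAMPLE_CONFIG)` returns an empty finding list for AD_GOOD and two findings for AD_WEAK.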
