collapse

Search


User Info

 
 
Welcome, Guest. Please login or register.
Did you miss your activation email?

Author Topic: Firepower - Certain AD user won't show in connection events  (Read 1030 times)

Offline jhinckley

  • Cisco Newbie
  • *
  • Posts: 2
  • Reputation: 0
    • View Profile
  • Certification: CCNP
Hello,

I'm running vFMC version 6.1.0.4 (build 17) against a 5516-X with fp module.  I have a long TAC history with this installation (going as far back as version 5.0.4) and the AD agent has been a huge source of grief up until this point.

At any rate, I finally got it working and in production with the help of TAC but now I'm having a problem with one user in particular.  The user was downloaded just fine and even shows up in the user activity.  However, FMC absolutely refuses to show any connection events for this user.  I can navigate to the host under the network map and I can see where the user is mapped to the IP and even see all the protocols used etc.

I'm not sure what to do at this point as TAC developers are scratching their heads over this one.  Any advice is appreciated.

Thanks,
John
« Last Edit: June 13, 2017, 11:58:52 AM by jhinckley »

Offline MC

  • Global Moderator
  • Cisco Guru
  • *****
  • Posts: 378
  • Reputation: 606
  • CCIE x3 (RS,Sec,SP)
    • View Profile
  • Certification: CCIE
Re: Firepower - Certain AD user won't show in connection events
« Reply #1 on: June 15, 2017, 11:14:46 PM »
Hi John, Is your only problem is not seeing connection log for the user while access control is being enforced correctly or user connection is not even matching your access control rules. I assume you other users work just fine matching the same rule this user supposes to match?

Offline jhinckley

  • Cisco Newbie
  • *
  • Posts: 2
  • Reputation: 0
    • View Profile
  • Certification: CCNP
Re: Firepower - Certain AD user won't show in connection events
« Reply #2 on: June 16, 2017, 12:03:17 AM »
TAC was able to resolve this problem and the connections are showing up for the missing users but now we are hitting a new bug where these same users are not matching rules that they should be matching.  The users are members of security groups that are configured in permit & block rules but they are not matching any of those rules now. 

It's very strange.  TAC has escalated to development (again) but who knows when they will straighten this one out.

Offline MC

  • Global Moderator
  • Cisco Guru
  • *****
  • Posts: 378
  • Reputation: 606
  • CCIE x3 (RS,Sec,SP)
    • View Profile
  • Certification: CCIE
Re: Firepower - Certain AD user won't show in connection events
« Reply #3 on: June 22, 2017, 10:03:19 PM »
I assume you already have realm configured and Domain User groups for that user downloaded, correct?

 

Related Topics

  Subject / Started by Replies Last post
2 Replies
2332 Views
Last post November 22, 2013, 01:09:20 PM
by MC
8 Replies
4915 Views
Last post February 20, 2014, 04:52:21 PM
by MC
1 Replies
1427 Views
Last post March 07, 2016, 11:10:44 PM
by MC
8 Replies
4200 Views
Last post April 25, 2016, 09:41:01 PM
by MC
3 Replies
1619 Views
Last post December 08, 2016, 11:08:10 PM
by MC

SimplePortal 2.3.5 © 2008-2012, SimplePortal