User Info

Welcome, Guest. Please login or register.
Did you miss your activation email?

Author Topic: ISE integration with Firepower with pxGrid  (Read 6390 times)

Offline Mikep

  • Cisco Newbie
  • *
  • Posts: 21
  • Reputation: 5
  • Certification: CCNP
ISE integration with Firepower with pxGrid
« on: April 25, 2016, 05:56:16 PM »
Hey MC,

I was curious if you have had a chance to lab this up yet? I just haven't had time and can't in prod.

Right now for wireless clients there is no AD log on/log off event so the CDA can't map user to IP for wireless users.  This is problematic with WSA and will be with out firepower when we upgrade our ASA's

I'm curious with pxGrid if ISE will be able to map wireless users to IP and have that context used in firepower? Or is it pretty much a glorified CDA and can only see AD events and use those?

Offline MC

  • Global Moderator
  • Cisco Guru
  • *****
  • Posts: 400
  • Reputation: 606
  • CCIE x3 (RS,Sec,SP)
  • Certification: CCIE
Re: ISE integration with Firepower with pxGrid
« Reply #1 on: April 25, 2016, 09:38:05 PM »
ISE publish endpoint identity from two sources; RADIUS/802.1X and Identity mapping from AD (like CDA). If your users authenticates against ISE whether they are wired/wireless/VPN, ISE will send the user info into the pxGrid for other subscriber to consume. So yes, your WSA or FP should be able to see the username/IP.


Related Topics

  Subject / Started by Replies Last post
1 Replies
Last post September 03, 2014, 01:17:22 AM
by MC
6 Replies
Last post July 20, 2015, 07:48:48 AM
by amsa
9 Replies
Last post August 16, 2016, 11:25:04 PM
by MC
4 Replies
Last post March 09, 2016, 11:14:56 PM
by MC
3 Replies
Last post April 05, 2016, 10:03:24 PM
by MC

SimplePortal 2.3.7 © 2008-2024, SimplePortal