Cisco ASA Series Cli Configuration Manual page 889

Software version 9.0 for the services module

Hide thumbs Also See for ASA Series:

Table of Contents

Configuring the Identity Firewall

Supported Windows servers include Windows 2003, Windows 2008, and Windows 2008 R2.

For the steps to install and configure the AD Agent, see the Installation and Setup Guide for the Active

Directory Agent.

Before configuring the AD Agent in the ASA, obtain the secret key value that the AD Agent and the ASA

use to communicate. This value must match on both the AD Agent and the ASA.

Microsoft Active Directory

Microsoft Active Directory must be installed on a Windows server and accessible by the ASA. Supported

versions include Windows 2003, 2008, and 2008 R2 servers.

Before configuring the Active Directory server on the ASA, create a user account in Active Directory

for the ASA.

Additionally, the ASA sends encrypted log in information to the Active Directory server by using SSL

enabled over LDAP. SSL must be enabled on the Active Directory server. See the documentation for

Microsft Active Diretory for the steps to enable SSL for Active Directory.

Before running the AD Agent Installer, you must install the following patches on every Microsoft Active

Directory server that the AD Agent monitors. These patches are required even when the AD Agent is

installed directly on the domain controller server. See the README First for the Cisco Active Directory

Configuring the Identity Firewall

This section contains the following topics:

Task Flow for Configuring the Identity Firewall

To configure the Identity Firewall, perform the following tasks:

Configure the Active Directory domain in the ASA.

Chapters

Table of Contents