Cisco ASA 5512-X Adaptive Security Appliance - No Payload Encryption Technical Manual

Network Diagram
The example that is described in this document uses this network setup:
Here is the flow for this network setup:
1. The user initiates a remote VPN session with the ASA (via Cisco AnyConnect Secure Mobility Version 4.0).
2. The user attempts to access http://172.16.32.1. (The traffic moves via FirePower, which is installed on the VM and is managed by FireSight.)
3. FirePower is configured so that it blocks (inline) that specific traffic (access policies), but it also has a Correlation Policy that is triggered. As a result, it initiates the ISE remediation via REST Application Programming Interface (API) (the QuarantineByIP method).
4. Once the ISE receives the REST API call, it looks up the session and sends a RADIUS Change of Authorization (CoA) to the ASA, which terminates that session.
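The final step of the flow depends on the receiver accepting a RADIUS CoA only when it authenticates against the shared secret. The Python below is an added example, not code from the Cisco document: it assumes the CoA takes the form of an RFC 5176 Disconnect-Request, and the address, session ID and secret are constructed sample values. It builds such a message and performs the authenticator check a receiver makes before acting on it.

```python
import hashlib
import hmac
import socket
import struct

DISCONNECT_REQUEST = 40      # RFC 5176 packet code
FRAMED_IP_ADDRESS = 8        # RADIUS attribute types
ACCT_SESSION_ID = 44


def _authenticator(code, ident, attrs, secret):
    # RFC 5176 uses the RFC 2866 scheme: MD5 over the packet with the
    # authenticator field zeroed, followed by the shared secret.
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return hashlib.md5(header + bytes(16) + attrs + secret).digest()


def build_disconnect_request(ident, framed_ip, session_id, secret):
    attrs = b""
    for attr_type, value in ((FRAMED_IP_ADDRESS, socket.inet_aton(framed_ip)),
                             (ACCT_SESSION_ID, session_id.encode())):
        attrs += struct.pack("!BB", attr_type, len(value) + 2) + value
    header = struct.pack("!BBH", DISCONNECT_REQUEST, ident, 20 + len(attrs))
    return header + _authenticator(DISCONNECT_REQUEST, ident, attrs, secret) + attrs


def verify_disconnect_request(packet, secret):
    """Return {attr_type: value} if the packet authenticates, else None."""
    if len(packet) < 20:
        return None
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if code != DISCONNECT_REQUEST or length != len(packet):
        return None
    attrs = packet[20:]
    if not hmac.compare_digest(_authenticator(code, ident, attrs, secret), packet[4:20]):
        return None
    parsed, i = {}, 0
    while i < len(attrs):
        if i + 2 > len(attrs) or attrs[i + 1] < 2 or i + attrs[i + 1] > len(attrs):
            return None  # malformed attribute
        parsed[attrs[i]] = attrs[i + 2:i + attrs[i + 1]]
        i += attrs[i + 1]
    return parsed


# Constructed sample values, not taken from the document.
SECRET = b"constructed-shared-secret"
PACKET = build_disconnect_request(7, "192.0.2.10", "constructed-session-01", SECRET)
```

A message whose authenticator does not match, because the secret differs or an attribute was altered in transit, yields `None` and must not terminate any session.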