{"id":2807,"date":"2026-01-24T22:01:36","date_gmt":"2026-01-24T22:01:36","guid":{"rendered":"https:\/\/www.balajibandi.com\/?p=2807"},"modified":"2026-01-24T22:01:36","modified_gmt":"2026-01-24T22:01:36","slug":"fmc-and-ftd-external-authentication-with-cisco-iseusing-microsoft-active-directory-as-the-backend","status":"publish","type":"post","link":"https:\/\/www.balajibandi.com\/?p=2807","title":{"rendered":"FMC and FTD External authentication with Cisco ISE(Using Microsoft Active Directory as the Backend)"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\"><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\"><strong>Part of CCIE Sec Lab Learning &#8211; Additional like to add FMC external Authentication testing.<\/strong><\/mark><\/h2>\n\n\n\n<p>Centralized authentication is one of those things that feels \u201coptional\u201d until the day it absolutely isn\u2019t. Local FMC users scattered across environments don\u2019t scale, don\u2019t audit well, and don\u2019t survive staff turnover gracefully.<\/p>\n\n\n\n<p>This post walks through a <strong>clean, enterprise-grade design<\/strong> for authenticating <strong>Cisco FMC and FTD administrators via Cisco ISE<\/strong>, with <strong>Microsoft Active Directory as the identity source<\/strong>.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">Why Use ISE for FMC \/ FTD Authentication?<\/mark><\/h2>\n\n\n\n<p>At first glance, FMC can authenticate directly against AD or LDAP. So why put ISE in the middle?<\/p>\n\n\n\n<p>Because ISE gives you:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Centralized policy control<\/strong> (who gets access, and how)<\/li>\n\n\n\n<li><strong>Consistent authentication logic<\/strong> across network, VPN, firewall, and admin access<\/li>\n\n\n\n<li><strong>Role-based access control<\/strong> mapped cleanly to FMC roles<\/li>\n\n\n\n<li><strong>AAA auditing<\/strong> in one place<\/li>\n\n\n\n<li>Flexibility to later add <strong>MFA<\/strong>, posture, or certificate-based auth<\/li>\n<\/ul>\n\n\n\n<p>Think of ISE as the <em>policy brain<\/em>, and AD as the <em>identity store<\/em>.<\/p>\n\n\n\n<p>Lab Topology :<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"838\" height=\"915\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-49.png\" alt=\"\" class=\"wp-image-2808\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-49.png 838w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-49-275x300.png 275w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-49-768x839.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-49-705x770.png 705w\" sizes=\"auto, (max-width: 838px) 100vw, 838px\" \/><\/figure>\n\n\n\n<p><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\"><strong>Pre-Requisites :<\/strong><\/mark><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Infrastructure<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Cisco FMC (virtual) \/ FTD (Virtual) &#8211; using here 7.7 Latest Version<\/li>\n\n\n\n<li>Cisco ISE (3.x)<\/li>\n\n\n\n<li>Microsoft Active Directory domain (using Windows 2019)<\/li>\n\n\n\n<li>Time synchronization (NTP) across all systems (i am using IOL for NTP &#8211; get External from Public NTP)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Connectivity<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>FTD register (or Managed) with FMC<\/li>\n\n\n\n<li>FMC &#x2194; ISE: RADIUS (UDP 1812\/1813)<\/li>\n\n\n\n<li>ISE &#x2194; AD: LDAP \/ Kerberos<\/li>\n\n\n\n<li>DNS resolution working everywhere<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Accounts<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>AD admin account (for ISE AD join)<\/li>\n\n\n\n<li>FMC admin access (local for setting external Authentication)<\/li>\n\n\n\n<li>ISE admin access (Local Account to Manage IS)<\/li>\n\n\n\n<li>AD Accounts for  FMC GUI and CLI \/ FTD cli (Admin Account and Read Only account)<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">Integrate ISE with Active Directory<\/mark><\/h2>\n\n\n\n<p>On Cisco ISE:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Navigate to<br><strong>Administration \u2192 Identity Management \u2192 External Identity Sources \u2192 Active Directory<\/strong><\/li>\n\n\n\n<li>Join ISE to the domain<\/li>\n\n\n\n<li>Verify:\n<ul class=\"wp-block-list\">\n<li>User authentication works<\/li>\n\n\n\n<li>AD groups are visible<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"550\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-50-1024x550.png\" alt=\"\" class=\"wp-image-2809\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-50-1024x550.png 1024w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-50-300x161.png 300w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-50-768x412.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-50-1536x825.png 1536w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-50-705x379.png 705w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-50.png 1717w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>We need to get AD Groups for Admin and Read only Users :<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Import External Groups<br>Before you can write a policy, ISE needs to &#8220;know&#8221; about the specific groups in your AD.<br>Navigate to Administration > Identity Management > External Identity Sources.<br>Select Active Directory and choose your Join Point.<br>Click the Groups tab.<br>Click Add > Select Groups from Directory.<br>Click Retrieve Groups.<br>Check the boxes for the groups you want to use (e.g., FMCadmin and FMCuser) and click OK.<br>Save the configuration.<\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"540\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-51-1024x540.png\" alt=\"\" class=\"wp-image-2810\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-51-1024x540.png 1024w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-51-300x158.png 300w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-51-768x405.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-51-1536x811.png 1536w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-51-705x372.png 705w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-51.png 1914w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li>Configure the Authorization Policy<br>Now that the groups are imported, you can reference them in your Policy Set.<br>Navigate to Policy > Policy Sets.<br>Select the Policy Set (in this example &#8211; FMC and FTD Access) click on ><\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"287\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-52-1024x287.png\" alt=\"\" class=\"wp-image-2811\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-52-1024x287.png 1024w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-52-300x84.png 300w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-52-768x215.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-52-1536x431.png 1536w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-52-2048x574.png 2048w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-52-705x198.png 705w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><br>Open the Authorization Policy section.<br>Click the + icon to create a new rule.<br>In the Conditions column, click the + to open the Condition Studio.<br>Click Create New Condition.<br>Select the Attribute Selector (the icon that looks like a folder\/dictionary).<br>Choose your AD Join Point (e.g., MyAD:ExternalGroups).<br>Select the Equals operator and choose the group imported.<br>Click Use.<\/p>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\"><\/ol>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"318\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-53-1024x318.png\" alt=\"\" class=\"wp-image-2812\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-53-1024x318.png 1024w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-53-300x93.png 300w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-53-768x239.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-53-1536x477.png 1536w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-53-2048x637.png 2048w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-53-705x219.png 705w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Assign the appropriate Profiles (e.g., PermitAccess) and Security Groups (SGTs).<br>Save the policy.<\/p>\n\n\n\n<p>Now we configured FMC side to use ISE for External authentication.<\/p>\n\n\n\n<p>Click Settings &#8211;> USers<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"884\" height=\"682\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-54.png\" alt=\"\" class=\"wp-image-2813\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-54.png 884w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-54-300x231.png 300w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-54-768x593.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-54-705x544.png 705w\" sizes=\"auto, (max-width: 884px) 100vw, 884px\" \/><\/figure>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\"><\/ol>\n\n\n\n<p>Click External Authentication :<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"865\" height=\"178\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-55.png\" alt=\"\" class=\"wp-image-2814\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-55.png 865w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-55-300x62.png 300w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-55-768x158.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-55-705x145.png 705w\" sizes=\"auto, (max-width: 865px) 100vw, 865px\" \/><\/figure>\n\n\n\n<p>Click Add External Authentication Objects <\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"486\" height=\"190\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-56.png\" alt=\"\" class=\"wp-image-2815\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-56.png 486w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-56-300x117.png 300w\" sizes=\"auto, (max-width: 486px) 100vw, 486px\" \/><\/figure>\n\n\n\n<p>Key parts of the configuration to work :<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"775\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-57-1024x775.png\" alt=\"\" class=\"wp-image-2816\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-57-1024x775.png 1024w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-57-300x227.png 300w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-57-768x581.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-57-1536x1163.png 1536w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-57-705x534.png 705w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-57.png 1757w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Part2 :<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"824\" height=\"1024\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-58-824x1024.png\" alt=\"\" class=\"wp-image-2817\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-58-824x1024.png 824w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-58-241x300.png 241w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-58-768x954.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-58-705x876.png 705w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-58.png 1036w\" sizes=\"auto, (max-width: 824px) 100vw, 824px\" \/><\/figure>\n\n\n\n<p>before save we can do some testing with users from AD with password<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"135\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-59-1024x135.png\" alt=\"\" class=\"wp-image-2818\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-59-1024x135.png 1024w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-59-300x39.png 300w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-59-768x101.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-59-1536x202.png 1536w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-59-2048x270.png 2048w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-59-705x93.png 705w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"461\" height=\"117\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-60.png\" alt=\"\" class=\"wp-image-2819\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-60.png 461w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-60-300x76.png 300w\" sizes=\"auto, (max-width: 461px) 100vw, 461px\" \/><\/figure>\n\n\n\n<p>we will test ReadUser from AD Group<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"166\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-61-1024x166.png\" alt=\"\" class=\"wp-image-2820\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-61-1024x166.png 1024w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-61-300x49.png 300w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-61-768x125.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-61-1536x250.png 1536w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-61-2048x333.png 2048w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-61-705x115.png 705w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"461\" height=\"117\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-60.png\" alt=\"\" class=\"wp-image-2819\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-60.png 461w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-60-300x76.png 300w\" sizes=\"auto, (max-width: 461px) 100vw, 461px\" \/><\/figure>\n\n\n\n<p>Click Save<\/p>\n\n\n\n<p>Now we enable External Authentication and test it.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"222\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-62-1024x222.png\" alt=\"\" class=\"wp-image-2821\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-62-1024x222.png 1024w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-62-300x65.png 300w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-62-768x167.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-62-1536x333.png 1536w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-62-2048x444.png 2048w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-62-705x153.png 705w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Logout from Admin and test using Admin and Readuser account.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"802\" height=\"754\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-63.png\" alt=\"\" class=\"wp-image-2822\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-63.png 802w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-63-300x282.png 300w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-63-768x722.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-63-705x663.png 705w\" sizes=\"auto, (max-width: 802px) 100vw, 802px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"896\" height=\"135\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-64.png\" alt=\"\" class=\"wp-image-2823\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-64.png 896w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-64-300x45.png 300w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-64-768x116.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-64-705x106.png 705w\" sizes=\"auto, (max-width: 896px) 100vw, 896px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"760\" height=\"730\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-65.png\" alt=\"\" class=\"wp-image-2824\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-65.png 760w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-65-300x288.png 300w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-65-705x677.png 705w\" sizes=\"auto, (max-width: 760px) 100vw, 760px\" \/><\/figure>\n\n\n\n<p>You only see less menu compare to admin as below :<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"258\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-66-1024x258.png\" alt=\"\" class=\"wp-image-2825\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-66-1024x258.png 1024w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-66-300x75.png 300w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-66-768x193.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-66-1536x387.png 1536w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-66-2048x515.png 2048w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-66-705x177.png 705w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Now we test SSH connection  to FTD and FMC<\/p>\n\n\n\n<p>FMC Cli Access for ftdadmin user<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"294\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-67-1024x294.png\" alt=\"\" class=\"wp-image-2826\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-67-1024x294.png 1024w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-67-300x86.png 300w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-67-768x221.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-67-1536x442.png 1536w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-67-705x203.png 705w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-67.png 1812w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>FTD cli access <\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"386\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-68-1024x386.png\" alt=\"\" class=\"wp-image-2827\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-68-1024x386.png 1024w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-68-300x113.png 300w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-68-768x289.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-68-1536x579.png 1536w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-68-705x266.png 705w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-68.png 1712w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Verify the user (you can notice auth remote)<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"131\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-69-1024x131.png\" alt=\"\" class=\"wp-image-2828\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-69-1024x131.png 1024w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-69-300x38.png 300w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-69-768x98.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-69-1536x197.png 1536w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-69-705x90.png 705w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-69.png 1578w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>In the ISE Radius Live Logs you can see the success logs :<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"245\" src=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-70-1024x245.png\" alt=\"\" class=\"wp-image-2829\" srcset=\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-70-1024x245.png 1024w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-70-300x72.png 300w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-70-768x183.png 768w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-70-705x168.png 705w, https:\/\/www.balajibandi.com\/wp-content\/uploads\/2026\/01\/image-70.png 1478w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><strong>Happy Labingggggggggggggggggggggg!<\/strong><\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Part of CCIE Sec Lab Learning &#8211; Additional like to add FMC external Authentication testing. Centralized authentication is one of those things that feels \u201coptional\u201d until the day it absolutely isn\u2019t. Local FMC users scattered across environments don\u2019t scale, don\u2019t audit well, and don\u2019t survive staff turnover gracefully. This post walks through a clean, enterprise-grade [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,2],"tags":[],"class_list":["post-2807","post","type-post","status-publish","format-standard","hentry","category-ccie-sec","category-cisco"],"_links":{"self":[{"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/posts\/2807","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2807"}],"version-history":[{"count":1,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/posts\/2807\/revisions"}],"predecessor-version":[{"id":2830,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/posts\/2807\/revisions\/2830"}],"wp:attachment":[{"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2807"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2807"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2807"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}