Monday, July 23, 2018

Cisco FTD (Firepower) NGFW Identity policy & Realm

Hi. I cannot understand the application of Realm and Identity Source. I read on the Cisco website and the Internet that a Realm is used for user control when it is referenced by an access control policy. A Realm makes the FMC download lists of users and groups from AD/LDAP servers.

On the other hand, the same guides mention that user-to-IP mappings are obtained by one of the identity sources (ISE, User Agent and TS Agent). Without user-to-IP information, the FMC isn't able to control users based on username/groups. So I didn't understand which one of these (Realm or Identity sources) is used and should be configured on the FMC for user-based access control. Even inside the RADIUS Server Group object on the FMC, there is an option for Realm, whose role here I don't understand.


