B-34
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Appendix B Configuring an External Server for Authorization and Authentication
Configuring an External RADIUS Server
Cisco-IP-Phone-Bypass YYY51IntegerSingle0 = Disabled
1 = Enabled
IPSec-Split-Tunneling-Policy YYY55IntegerSingle0 = No split tunneling
1 = Split tunneling
2 = Local LAN permitted
IPSec-Required-Client-Firewall-CapabilityYYY56IntegerSingle0 = None
1 = Policy defined by remote
FW Are-You-There (AYT)
2 = Policy pushed CPP
4 = Policy from server
IPSec-Client-Firewall-Filter-Name Y 57 String Single Specifies the name of the filter
to be pushed to the client as
firewall policy
IPSec-Client-Firewall-Filter-Optional YYY58IntegerSingle0 = Required
1 = Optional
IPSec-Backup-Servers YYY59StringSingle1 = Use Client-Configured list
2 = Disable and clear client list
3 = Use Backup Server list
IPSec-Backup-Server-List YYY60StringSingleServer Addresses (space
delimited)
DHCP-Network-Scope YYY61StringSingleIP Address
Intercept-DHCP-Configure-Msg YYY62BooleanSingle0 = Disabled
1 = Enabled
MS-Client-Subnet-Mask YYY63BooleanSingleAn IP address
Allow-Network-Extension-Mode YYY64BooleanSingle0 = Disabled
1 = Enabled
Authorization-Type YYY65IntegerSingle0 = None
1 = RADIUS
2 = LDAP
Authorization-Required Y 66 Integer Single 0 = No
1 = Yes
Authorization-DN-Field YYY67StringSinglePossible values: UID, OU, O,
CN, L, SP, C, EA, T, N, GN, SN,
I, GENQ, DNQ, SER,
use-entire-name
IKE-KeepAlive-Confidence-Interval YYY68IntegerSingle10-300 seconds
WebVPN-Content-Filter-Parameters Y Y 69 Integer Single 1 = Java ActiveX
2 = Java Script
4 = Image
8 = Cookies in images
Table B-7 Security Appliance Supported RADIUS Attributes and Values (continued)
Attribute Name
VPN
3000 ASA PIX
Attr.
#
Syntax/
Type
Single
or
Multi-
Valued Description or Value
To Next Page
Loading...
Need help?
General
