1-7
Cisco ASA Series CLI Configuration Guide
Appendix 1 Configuring an External Server for Authorization and Authentication
Configuring an External LDAP Server
IE-Proxy-Exception-List String Single A list of DNS domains. Entries must
be separated by the new line
character sequence (\n).
IE-Proxy-Method Y Y Y Integer Single 1 = Do not modify proxy settings
2 = Do not use proxy
3 = Auto detect
4 = Use ASA setting
IE-Proxy-Server Y Y Y Integer Single IP address
IETF-Radius-Class Y Y Y Single Sets the group policy for the remote
access VPN session. For versions
8.2 and later, we recommend that
you use the Group-Policy attribute.
You can use one of the three
following formats:
• group policy name
• OU=group policy name
• OU=group policy name:
IETF-Radius-Filter-Id Y Y Y String Single Access list name that is defined on
the ASA. The setting applies to
VPN remote access IPsec and SSL
VPN clients.
IETF-Radius-Framed-IP-Address Y Y Y String Single An IP address. The setting applies to
VPN remote access IPsec and SSL
VPN clients.
IETF-Radius-Framed-IP-Netmask Y Y Y String Single An IP address mask. The setting
applies to VPN remote access IPsec
and SSL VPN clients.
IETF-Radius-Idle-Timeout Y Y Y Integer Single Seconds
IETF-Radius-Service-Type Y Y Y Integer Single 1 = Login
2 = Framed
5 = Remote access
6 = Administrative
7 = NAS prompt
IETF-Radius-Session-Timeout Y Y Y Integer Single Seconds
IKE-Keep-Alives Y Y Y Boolean Single 0 = Disabled
1 = Enabled
IPsec-Allow-Passwd-Store Y Y Y Boolean Single 0 = Disabled
1 = Enabled
Table 1-2 ASA Supported Cisco Attributes for LDAP Authorization (continued)
Attribute Name
VPN
3000 ASA PIX
Syntax/
Type
Single or
Multi-Value
dPossible Values
To Next Page
Loading...
Need help?
General
