1-30
Cisco ASA Series CLI Configuration Guide
Appendix 1 Configuring an External Server for Authorization and Authentication
Configuring an External RADIUS Server
IPsec-Client-Firewall-Filter-Name 57 String Single Specifies the name of the filter to be pushed
to the client as firewall policy
IPsec-Client-Firewall-Filter-Optional Y 58 Integer Single 0 = Required
1 = Optional
IPsec-Default-Domain Y 28 String Single Specifies the single default domain name to
send to the client (1-255 characters).
IPsec-IKE-Peer-ID-Check Y 40 Integer Single 1 = Required
2 = If supported by peer certificate
3 = Do not check
IPsec-IP-Compression Y 39 Integer Single 0 = Disabled
1 = Enabled
IPsec-Mode-Config Y 31 Boolean Single 0 = Disabled
1 = Enabled
IPsec-Over-UDP Y 34 Boolean Single 0 = Disabled
1 = Enabled
IPsec-Over-UDP-Port Y 35 Integer Single 4001 - 49151. The default is10000.
IPsec-Required-Client-Firewall-Capability Y 56 Integer Single 0 = None
1 = Policy defined by remote FW
Are-You-There (AYT)
2 = Policy pushed CPP
4 = Policy from server
IPsec-Sec-Association 12 String Single Name of the security association
IPsec-Split-DNS-Names Y 29 String Single Specifies the list of secondary domain names
to send to the client (1-255 characters).
IPsec-Split-Tunneling-Policy Y 55 Integer Single 0 = No split tunneling
1 = Split tunneling
2 = Local LAN permitted
IPsec-Split-Tunnel-List Y 27 String Single Specifies the name of the network/ACL that
describes the split tunnel inclusion list.
IPsec-Tunnel-Type Y 30 Integer Single 1 = LAN-to-LAN
2 = Remote access
IPv6-Address-Pools Y 218 String Single Name of IP local pool-IPv6
IPv6-VPN-Filter Y 219 String Single ACL value
L2TP-Encryption 21 Integer Single Bitmap:
1 = Encryption required
2 = 40 bits
4 = 128 bits
8 = Stateless-Req
15= 40/128-Encr/Stateless-Req
Table 1-7 ASA Supported RADIUS Attributes and Values (continued)
Attribute Name ASA
Attr.
No.
Syntax/
Type
Single
or
Multi-
Valued Description or Value
To Next Page
Loading...
Need help?
General
