Name: Cisco ASA 5506-X
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

5-11

Cisco ASA Series Firewall CLI Configuration Guide

Chapter 5 Identity Firewall

Configure the Identity Firewall

To configure the Active Directory domain, perform the following steps:

Procedure

Step 1 Create the AAA server group and configure AAA server parameters for the Active Directory server.

aaa-server server-tag protocol ldap

Example:

hostname(config)# aaa-server adserver protocol ldap

Step 2 Configure the AAA server as part of a AAA server group and the AAA server parameters that are

host-specific for the Active Directory server.

aaa-server server-tag [(interface-name)] host {server-ip | name} [key] [timeout seconds]

Example:

hostname(config-aaa-server-group)# aaa-server adserver (mgmt) host 172.168.224.6

Step 3 Specifies the location in the LDAP hierarchy where the server should begin searching when it receives

an authorization request.

ldap-base-dn string

Example:

hostname(config-aaa-server-host)# ldap-base-dn DC=SAMPLE,DC=com

Specifying the ldap-base-dn command is optional. If you do not specify this command, the ASA

retrieves the defaultNamingContext from the Active Directory and uses it as the base DN.

Step 4 Specify the extent of the search in the LDAP hierarchy that the server should make when it receives an

authorization request.

ldap-scope subtree

Example:

hostname(config-aaa-server-host)# ldap-scope subtree

Step 5 Specify the login password for the LDAP server.

ldap-login-password string

Example:

hostname(config-aaa-server-host)# ldap-login-password obscurepassword

Step 6 Specify the name of the directory object that the system should bind this as.

ldap-login-dn string

Example:

hostname(config-aaa-server-host)# ldap-login-dn SAMPLE\user1

The ASA identifies itself for authenticated binding by attaching a Login DN field to the user

authentication request. The Login DN field describes the authentication characteristics of the ASA.

The string argument is a case-sensitive string of up to 128 characters that specifies the name of the

directory object in the LDAP hierarchy. Spaces are not permitted in the string, but other special

characters are allowed.

Other manuals for Cisco ASA 5506-X

Quick Start Guide14 pages

Easy Setup Guide11 pages

Installation Guide46 pages

Software Guide37 pages

Hardware Installation Guide52 pages

Mount And Connect12 pages

Mount The Chassis10 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco ASA 5506-X and is the answer not in the manual?

Cisco ASA 5506-X Specifications

General

Model	ASA 5506-X
Firewall Throughput	750 Mbps
Maximum Firewall Connections	50, 000
Maximum VPN Peers	50
Integrated Ports	8 x 1 GE
Stateful Inspection Throughput	750 Mbps
Weight	4.4 lb (2 kg)
Firewall Throughput (Multiprotocol)	750 Mbps
Firewall Throughput (Application Visibility and Control AVC)	250 Mbps
Concurrent Sessions	50, 000
New Connections per Second	10, 000
IPsec VPN Throughput	100 Mbps
Interfaces	8 x 1 GE
Memory	4 GB
Flash Memory	8 GB
Form Factor	Desktop
VPN Throughput	100 Mbps
Maximum Concurrent Sessions	50, 000
New Sessions per Second	10, 000
Operating Temperature	32 to 104°F (0 to 40°C)
Storage Temperature	-13 to 158°F (-25 to 70°C)
Power Supply	External
Humidity	10% to 90% non-condensing