EasyManuals Logo

Cisco ASA 5512-X Cli Configuration Guide

Cisco ASA 5512-X
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #546 background imageLoading...
Page #546 background image
1-12
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Objects
Configuring Objects
The ASA sends an LDAP query to the Active Directory server for user groups globally defined in the
Active Directory domain controller. The ASA imports these groups for identity-based rules. However,
the ASA might have localized network resources that are not defined globally that require local user
groups with localized security policies. Local user groups can contain nested groups and user groups that
are imported from Active Directory. The ASA consolidates local and Active Directory groups.
A user can belong to local user groups and user groups imported from Active Directory.
Prerequisites
See Chapter 1, “Configuring the Identity Firewall, to enable IDFW.
Detailed Steps
Command Purpose
Step 1
object-group user user_group_name
Example:
hostname(config)# object-group user users1
Defines object groups that you can use to control access with the
Identity Firewall.
Step 2
Add one or more of the following group members:
user domain_NetBIOS_name\user_name
Example:
hostname(config-user-object-group)# user
SAMPLE\users1
Specifies the user to add to the access rule.
The user_name can contain any character including [a-z], [A-Z],
[0-9], [!@#$%^&()-_{}. ]. If domain_NetBIOS_name\user_name
contains a space, you must enclose the domain name and user
name in quotation marks.
The user_name can be part of the LOCAL domain or a user
imported by the ASA from Active Directory domain.
If the domain_NetBIOS_name is associated with a AAA server,
the user_name must be the Active Directory sAMAccountName,
which is unique, instead of the common name (cn), which might
not be unique.
The domain_NetBIOS_name can be LOCAL or the actual domain
name as specified in user-identity domain
domain_NetBIOS_name aaa-server aaa_server_group_tag
command.
group-object group_id
Example:
hostname(config-network)# group-object
Engineering_groups
Adds an existing object group under this object group. The nested
group must be of the same type.
Step 3
description text
Example:
hostname(config-protocol)# description New
Group
(Optional) Adds a description. The description can be up to 200
characters.

Table of Contents

Other manuals for Cisco ASA 5512-X

Preview: Quick Start Guide
Quick Start Guide14 pages
Preview: Configuration Guide
Configuration Guide428 pages
Preview: Hardware Installation Guide
Hardware Installation Guide74 pages
Preview: Software Guide
Software Guide37 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA 5512-X and is the answer not in the manual?

Cisco ASA 5512-X Specifications

General IconGeneral
Firewall Throughput1.2 Gbps
VPN Throughput200 Mbps
Maximum VPN Peers250
Integrated IPSYes
IPS Throughput250 Mbps
RAM4 GB
Power SupplyAC, 100-240V
Security Contexts2 (Standard), 50 (with Security Contexts license)
Interfaces6 x Gigabit Ethernet
Dimensions (H x W x D)1.75 x 17.5 x 14.5 inches
Weight16 lbs

Related product manuals