EasyManuals Logo

Cisco ASA 5512-X Cli Configuration Guide

Cisco ASA 5512-X
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #865 background imageLoading...
Page #865 background image
1-19
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring AAA Servers and the Local Database
Configuring AAA
To set up VPN user authorization using LDAP, perform the following steps.
Detailed Steps
Examples
While there are other authorization-related commands and options available for specific requirements,
the following example shows commands for enabling user authorization with LDAP. The example then
creates an IPsec remote access tunnel group named remote-1, and assigns that new tunnel group to the
previously created ldap_dir_1 AAA server group for authorization:
hostname(config)# tunnel-group remote-1 type ipsec-ra
hostname(config)# tunnel-group remote-1 general-attributes
hostname(config-general)# authorization-server-group ldap_dir_1
hostname(config-general)#
After you complete this configuration work, you can then configure additional LDAP authorization
parameters such as a directory password, a starting point for searching a directory, and the scope of a
directory search by entering the following commands:
hostname(config)# aaa-server ldap_dir_1 protocol ldap
hostname(config-aaa-server-group)# aaa-server ldap_dir_1 host 10.1.1.4
hostname(config-aaa-server-host)# ldap-login-dn obscurepassword
hostname(config-aaa-server-host)# ldap-base-dn starthere
hostname(config-aaa-server-host)# ldap-scope subtree
hostname(config-aaa-server-host)#
Command Purpose
Step 1
aaa-server server_group protocol {kerberos | ldap |
nt | radius | sdi | tacacs+}
Example:
hostname(config)# aaa-server servergroup1 protocol
ldap
hostname(config-aaa-server-group)
Creates a AAA server group.
Step 2
tunnel-group groupname
Example:
hostname(config)# tunnel-group remotegrp
Creates an IPsec remote access tunnel group named
remotegrp.
Step 3
tunnel-group groupname general-attributes
Example:
hostname(config)# tunnel-group remotegrp
general-attributes
Associates the server group and the tunnel group.
Step 4
authorization-server-group group-tag
Example:
hostname(config-general)# authorization-server-group
ldap_dir_1
Assigns a new tunnel group to a previously created
AAA server group for authorization.

Table of Contents

Other manuals for Cisco ASA 5512-X

Preview: Quick Start Guide
Quick Start Guide14 pages
Preview: Configuration Guide
Configuration Guide428 pages
Preview: Hardware Installation Guide
Hardware Installation Guide74 pages
Preview: Software Guide
Software Guide37 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA 5512-X and is the answer not in the manual?

Cisco ASA 5512-X Specifications

General IconGeneral
Firewall Throughput1.2 Gbps
VPN Throughput200 Mbps
Maximum VPN Peers250
Integrated IPSYes
IPS Throughput250 Mbps
RAM4 GB
Power SupplyAC, 100-240V
Security Contexts2 (Standard), 50 (with Security Contexts license)
Interfaces6 x Gigabit Ethernet
Dimensions (H x W x D)1.75 x 17.5 x 14.5 inches
Weight16 lbs

Related product manuals