EasyManua.ls Logo

Cisco ASA 5540 - Page 1446

Cisco ASA 5540
1822 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
65-22
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 65 Configuring Dynamic Access Policies
Understanding VPN Access Policies
Guide
This section provides information about constructing logical expressions for AAA or Endpoint
attributes. Be aware that doing so requires sophisticated knowledge of Lua (www.lua.org).
In the Advanced field you enter free-form Lua text that represents AAA and/or endpoint selection logical
operations. ASDM does not validate text that you enter here; it just copies this text to the DAP policy
file, and the adaptive security appliance processes it, discarding any expressions it cannot parse.
This option is useful for adding selection criteria other than what is possible in the AAA and endpoint
attribute areas above. For example, while you can configure the adaptive security appliance to use AAA
attributes that satisfy any, all, or none of the specified criteria, endpoint attributes are cumulative, and
must all be satisfied. To let the security appliance employ one endpoint attribute or another, you need to
create appropriate logical expressions in Lua and enter them here.
For a list of AAA Selection attributes, including proper name syntax for creating logical
expressions, see Table 65-1.
For a list of endpoint selection attributes, including proper name syntax for creating logical
expressions, see Table 65-3.
The following sections provide detailed explanations of creating Lua EVAL expressions, as well as
examples.
Syntax for Creating Lua EVAL Expressions
Constructing DAP EVAL Expressions
The DAP CheckAndMsg Function
Checking for a Single Antivirus Program
Checking for Antivirus Definitions Within the Last 10 Days
Checking for a Hotfix on the User PC
Checking for Antivirus Programs
Checking for Antivirus Programs and Definitions Older than 1 1/2 Days
Additional Lua Functions
OU-Based Match Example
Group Membership Example
Antivirus Example
Antispyware Example
Firewall Example
Antivirus, Antispyware, or any Firewall Example
CheckAndMsg with Custom Function Example
Further Information on Lua
Syntax for Creating Lua EVAL Expressions
This section provides information about the syntax for creating Lua EVAL expressions.

Table of Contents

Other manuals for Cisco ASA 5540

Preview: Cli Configuration Guide
Cli Configuration Guide2164 pages
Preview: Getting Started Guide
Getting Started Guide208 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages

Related product manuals