B-32
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Appendix B Configuring an External Server for Authorization and Authentication
Configuring an External RADIUS Server
L2TP-Encryption Y 21 Integer Single Bitmap:
1 = Encryption required
2 = 40 bit
4 = 128 bits
8 = Stateless-Req
15= 40/128-Encr/Stateless-Req
Group-Policy Y Y 25 String Single Sets the group policy for the
remote access VPN session. For
version 8.2 and later, use this
attribute instead of
IETF-Radius-Class. You can
use one of the three following
formats:
• <group policy name>
• OU=<group policy name>
• OU=<group policy name>;
IPSec-Split-Tunnel-List YYY27StringSingleSpecifies the name of the
network/access list that
describes the split tunnel
inclusion list
IPSec-Default-Domain YYY28StringSingleSpecifies the single default
domain name to send to the
client (1-255 characters)
IPSec-Split-DNS-Names YYY29StringSingleSpecifies the list of secondary
domain names to send to the
client (1-255 characters)
IPSec-Tunnel-Type YYY30IntegerSingle1 = LAN-to-LAN
2 = Remote access
IPSec-Mode-Config YYY31BooleanSingle0 = Disabled
1 = Enabled
IPSec-User-Group-Lock Y 33 Boolean Single 0 = Disabled
1 = Enabled
IPSec-Over-UDP YYY34BooleanSingle0 = Disabled
1 = Enabled
IPSec-Over-UDP-Port YYY35IntegerSingle4001 - 49151, default = 10000
Banner2 YYY36StringSingleA banner string that is
concatenated to the Banner1
string, if configured.
PPTP-MPPC-Compression Y 37 Integer Single 0 = Disabled
1 = Enabled
Table B-7 Security Appliance Supported RADIUS Attributes and Values (continued)
Attribute Name
VPN
3000 ASA PIX
Attr.
#
Syntax/
Type
Single
or
Multi-
Valued Description or Value
To Next Page
Loading...
