Cisco ASA Series Configuration Guide

Cisco ASA Series
428 pages
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 5 Identity Firewall
Configure the Identity Firewall
To configure the Active Directory domain, perform the following steps:
Procedure
Step 1 Create the AAA server group and configure AAA server parameters for the Active Directory server.
aaa-server server-tag protocol ldap
Example:
hostname(config)# aaa-server adserver protocol ldap
Step 2 Configure the AAA server as part of a AAA server group and set the AAA server parameters that are
host-specific for the Active Directory server.
aaa-server server-tag [(interface-name)] host {server-ip | name} [key] [timeout seconds]
Example:
hostname(config-aaa-server-group)# aaa-server adserver (mgmt) host 172.168.224.6
Step 3 Specify the location in the LDAP hierarchy where the server should begin searching when it receives
an authorization request.
ldap-base-dn string
Example:
hostname(config-aaa-server-host)# ldap-base-dn DC=SAMPLE,DC=com
Specifying the ldap-base-dn command is optional. If you do not specify this command, the ASA
retrieves the defaultNamingContext from the Active Directory and uses it as the base DN.
Step 4 Specify the extent of the search in the LDAP hierarchy that the server should make when it receives an
authorization request.
ldap-scope subtree
Example:
hostname(config-aaa-server-host)# ldap-scope subtree
Step 5 Specify the login password for the LDAP server.
ldap-login-password string
Example:
hostname(config-aaa-server-host)# ldap-login-password obscurepassword
Step 6 Specify the name of the directory object that the system should bind as.
ldap-login-dn string
Example:
hostname(config-aaa-server-host)# ldap-login-dn SAMPLE\user1
The ASA identifies itself for authenticated binding by attaching a Login DN field to the user
authentication request. The Login DN field describes the authentication characteristics of the ASA.
The string argument is a case-sensitive string of up to 128 characters that specifies the name of the
directory object in the LDAP hierarchy. Spaces are not permitted in the string, but other special
characters are allowed.
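
The checks below are an added example, not part of the Cisco guide: a small Python linter that parses the commands from steps 1-6 out of a configuration listing and tests them against the constraints stated above (Login DN of at most 128 characters with no spaces, subtree scope, optional base DN). The sample listing and its indentation, the function names and the warn/error/info labels are assumptions made for illustration.

```python
import re

# Constructed sample: the commands from steps 1-6 as one listing (assumed layout:
# host-mode commands indented under their "aaa-server ... host" line).
SAMPLE_CONFIG = """\
aaa-server adserver protocol ldap
aaa-server adserver (mgmt) host 172.168.224.6
 ldap-base-dn DC=SAMPLE,DC=com
 ldap-scope subtree
 ldap-login-password obscurepassword
 ldap-login-dn SAMPLE\\user1
"""

GROUP_RE = re.compile(r"aaa-server\s+(\S+)\s+protocol\s+(\S+)")
HOST_RE = re.compile(r"aaa-server\s+(\S+)\s+(?:\((\S+?)\)\s+)?host\s+(\S+)")

def parse_ldap_hosts(config):
    """Return a dict per host entry whose server group was declared 'protocol ldap'."""
    protocols, hosts, current = {}, [], None
    for line in config.splitlines():
        if not line.strip():
            continue
        if line[0].isspace():                      # host-mode command
            if current is not None:
                key, _, value = line.strip().partition(" ")
                current["settings"][key] = value.strip()
            continue
        current = None                             # any top-level line ends the stanza
        if (m := GROUP_RE.match(line)):
            protocols[m.group(1)] = m.group(2).lower()
        elif (m := HOST_RE.match(line)):
            current = {"tag": m.group(1), "interface": m.group(2),
                       "host": m.group(3), "settings": {}}
            hosts.append(current)
    return [h for h in hosts if protocols.get(h["tag"]) == "ldap"]

def audit_host(entry):
    """Check one host entry against the constraints stated in steps 3-6."""
    s = entry["settings"]
    dn = s.get("ldap-login-dn")
    checks = [
        (dn is None, "warn: ldap-login-dn not set"),
        (dn is not None and len(dn) > 128, "error: ldap-login-dn exceeds 128 characters"),
        (dn is not None and " " in dn, "error: ldap-login-dn contains a space"),
        ("ldap-login-password" not in s, "warn: ldap-login-password not set"),
        (s.get("ldap-scope") != "subtree", "warn: ldap-scope is not 'subtree'"),
        ("ldap-base-dn" not in s, "info: no ldap-base-dn, ASA uses defaultNamingContext"),
    ]
    return [msg for failed, msg in checks if failed]
```

Run audit_host over each entry returned by parse_ldap_hosts; an empty list means the stanza matches what steps 1-6 describe.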


Cisco ASA Series Specifications

General
Model: ASA 5505
Interfaces: Varies by model (Fast Ethernet, Gigabit Ethernet, 10 Gigabit Ethernet, etc.)
High Availability: Active/Standby or Active/Active (varies by model)
Power Supply: Varies by model
Form Factor: Varies by model
Operating System: Cisco ASA Software
IPsec VPN: Supported
SSL VPN: Supported
IPS Throughput: Varies by model