Cisco FirePOWER ASA 5500 series

Cisco FirePOWER ASA 5500 series

989 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

13-3

Cisco Security Appliance Command Line Configuration Guide

OL-10088-01

Chapter 13 Configuring AAA Servers and the Local Database

AAA Server and Local Database Support

• RADIUS Server Support, page 13-3

• TACACS+ Server Support, page 13-4

• SDI Server Support, page 13-4

• NT Server Support, page 13-5

• Kerberos Server Support, page 13-5

• LDAP Server Support, page 13-6

• SSO Support for WebVPN with HTTP Forms, page 13-9

• Local Database Support, page 13-9

Summary of Support

Table 13-1 summarizes the support for each AAA service by each AAA server type, including the local

database. For more information about support for a specific AAA server type, refer to the topics

following the table.

RADIUS Server Support

The security appliance supports RADIUS servers.

Table 13-1 Summary of AAA Support

AAA Service

Database Type

Local RADIUS TACACS+ SDI NT Kerberos LDAP

HTTP

Form

Authentication of...

VPN users Yes Yes Yes Yes Yes Yes Yes Yes

1

1. HTTP Form protocol supports single sign-on authentication for WebVPN users only.

Firewall sessions Yes Yes Yes Yes Yes Yes Yes No

Administrators Yes Yes Yes Yes

2

2. SDI is not supported for HTTP administrative access.

Yes Ye s Yes N o

Authorization of...

VPN users Yes Yes No No No No Yes No

Firewall sessions No Yes

3

3. For firewall sessions, RADIUS authorization is supported with user-specific access lists only, which are received or

specified in a RADIUS authentication response.

Yes NoNoNo NoNo

Administrators Yes

4

4. Local command authorization is supported by privilege level only.

No Yes NoNoNo NoNo

Accounting of...

VPN connections No Yes Yes No No No No No

Firewall sessions No Yes Yes No No No No No

Administrators No Yes

5

5. Command accounting is available for TACACS+ only.

Yes NoNoNo NoNo

Table of Contents

Related product manuals

Preview: Cisco Firepower 2120

Cisco Firepower 2120

Preview: Cisco Firepower 4110

Cisco Firepower 4110

Preview: Cisco Firepower 1100

Cisco Firepower 1100

Preview: Cisco Firepower 1010

Cisco Firepower 1010

Preview: Cisco Firepower 2130

Cisco Firepower 2130

Preview: Cisco Firepower 4100

Cisco Firepower 4100

Cisco Firepower 2110

Cisco Firepower 2140

Preview: Cisco Firepower 4100 Series

Cisco Firepower 4100 Series

Preview: Cisco Firepower 2100 Series

Cisco Firepower 2100 Series

Preview: Cisco Firepower 1100 Series

Cisco Firepower 1100 Series

Preview: Cisco Firepower 1000 Series

Cisco Firepower 1000 Series