E-9
Cisco Security Appliance Command Line Configuration Guide
OL-10088-01
Appendix E Configuring an External Server for Authorization and Authentication
Configuring an External LDAP Server
cVPN3000-Required-Client-Firewall-
Product-Code
YYY32IntegerSingleCisco Systems Products:
1 = Cisco Intrusion
Prevention Security Agent
or Cisco Integrated Client
(CIC)
Zone Labs Products:
1 = Zone Alarm
2 = Zone AlarmPro
3 = Zone Labs Integrity
NetworkICE Product:
1 = BlackIce
Defender/Agent
Sygate Products:
1 = Personal Firewall
2 = Personal Firewall Pro
3 = Security Agent
cVPN3000-Required-Client-Firewall-
Description
YYY33String SingleString
cVPN3000-Require-Individual-User-AuthYYY34IntegerSingle0 = Disabled
1 = Enabled
cVPN3000-Require-HW-Client-Auth YYY35BooleanSingle0 = Disabled
1 = Enabled
cVPN3000-Authenticated-User-Idle-
Timeout
YYY36IntegerSingle1 - 35791394 minutes
cVPN3000-Cisco-IP-Phone-Bypass YYY37IntegerSingle0 = Disabled
1 = Enabled
cVPN3000-IPSec-Split-Tunneling-PolicyYYY38IntegerSingle0 = Tunnel everything
1 = Split tunneling
2 = Local LAN permitted
cVPN3000-IPSec-Required-Client-Firewall-
Capability
YYY39IntegerSingle0 = None
1 = Policy defined by remote
FW Are-You-There (AYT)
2 = Policy pushed CPP
4 = Policy from server
Table E-2 Security Appliance Supported LDAP Cisco Schema Attributes (continued)
Attribute Name/
OID (Object Identifier)
VPN
3000 ASA PIX
Attr.
OID
1
Syntax/
Type
Single
or
Multi-
Valued Possible Values
To Next Page
Loading...
