E-26
Cisco Security Appliance Command Line Configuration Guide
OL-10088-01
Appendix E Configuring an External Server for Authorization and Authentication
Configuring an External RADIUS Server
IPSec-Authentication Y 13 Integer Single 0 = None
1 = RADIUS
2 = LDAP (authorization only)
3 = NT Domain
4 = SDI
5 = Internal
6 = RADIUS with Expiry
7 = Kerberos/Active Directory
Banner1
YYY
15 String
Single
Banner string
IPSec-Allow-Passwd-Store
YYY
16 Boolean
Single
0 = Disabled
1 = Enabled
Use-Client-Address Y 17 Boolean
Single
0 = Disabled
1 = Enabled
PPTP-Encryption Y 20 Integer
Single
Bitmap:
1 = Encryption required
2 = 40 bits
4 = 128 bits
8 = Stateless-Required
Example: 15 =
40/128-Encr/Stateless-Req
L2TP-Encryption Y 21 Integer
Single
Bitmap:
1 = Encryption required
2 = 40 bit
4 = 128 bits
8 = Stateless-Req
15 =
40/128-Encr/Stateless-Req
IPSec-Split-Tunnel-List
YYY
27 String
Single
Specifies the name of the
network/access list that
describes the split tunnel
inclusion list
IPSec-Default-Domain
YYY
28 String
Single
Specifies the single default
domain name to send to the
client (1-255 characters)
Table E-4 Security Appliance Supported RADIUS Attributes and Values (continued)
Attribute Name
VPN
3000 ASA PIX
Attr.
#
Syntax/
Type
Single
or
Multi-
Valued
Single or Multi-
Valued
To Next Page
Loading...
