Cisco FirePOWER ASA 5500 series

To Next Page

To Previous Page

E-29

Cisco Security Appliance Command Line Configuration Guide

OL-10088-01

Appendix E Configuring an External Server for Authorization and Authentication

Configuring an External RADIUS Server

IPSec-Required-Client-Firewall-Capability

YYY

56 Integer

Single

0 = None

1 = Policy defined by remote

FW Are-You-

There (AYT)

2 = Policy pushed CPP

4 = Policy from server

IPSec-Client-Firewall-Filter-Name Y 57 String

Single

Specifies the name of the filter

to be pushed to the client as

firewall policy

IPSec-Client-Firewall-Filter-Optional

YYY

58 Integer

Single

0 = Required

1 = Optional

IPSec-Backup-Servers

YYY

59 String

Single

1 = Use Client-Configured list

2 = Disable and clear client list

3 = Use Backup Server list

IPSec-Backup-Server-List

YYY

60 String

Single

Server Addresses (space

delimited)

DHCP-Network-Scope

YYY

61 String

Single

IP Address

Intercept-DHCP-Configure-Msg

YYY

62 Boolean

Single

0 = Disabled

1 = Enabled

MS-Client-Subnet-Mask

YYY

63 Boolean

Single

An IP address

Allow-Network-Extension-Mode

YYY

64 Boolean

Single

0 = Disabled

1 = Enabled

Authorization-Type

YYY

65 Integer

Single

0 = None

1 = RADIUS

2 = LDAP

Authorization-Required Y 66 Integer

Single

0 = No

1 = Yes

Authorization-DN-Field

YYY

67 String

Single

Possible values: UID, OU, O,

CN, L, SP, C, EA, T, N, GN,

SN, I, GENQ, DNQ, SER,

use-entire-name

IKE-KeepAlive-Confidence-Interval

YYY

68 Integer

Single

10-300 seconds

Table E-4 Security Appliance Supported RADIUS Attributes and Values (continued)

Attribute Name

VPN

3000 ASA PIX

Attr.

Syntax/

Type

Single

Multi-

Valued

Single or Multi-

Valued

Main Page

Cisco FirePOWER ASA 5500 series

Table of Contents

Related product manuals