Policy Trust In local domain Outside local domain
Check
credentials
Off Messages are challenged for
authentication.
Messages that fail authentication are
rejected.
Messages that pass authentication are
classified as authenticated and a P-
Asserted-Identity header is inserted into
the message.
Messages are not challenged for
authentication.
All messages are classified as
unauthenticated.
Any existing P-Asserted-Identity headers
are removed.
On Messages with an existing P-Asserted-
Identity header are classified as
authenticated, without further challenge.
The P-Asserted-Identity header is passed
on unchanged (keeping the originator's
asserted ID).
Messages without an existing P-Asserted-
Identity header are challenged. If
authentication passes, the message is
classified as authenticated and a P-
Asserted-Identity header is inserted into
the message. If authentication fails, the
message is rejected.
Messages are not challenged for
authentication.
Messages with an existing P-Asserted-
Identity header are classified as
authenticated, and the header is passed
on unchanged.
Messages without an existing P-Asserted-
Identity header are classified as
unauthenticated.
Do not check
credentials
Off Messages are not challenged for
authentication.
All messages are classified as
unauthenticated.
Any existing P-Asserted-Identity headers
are removed.
Messages are not challenged for
authentication.
All messages are classified as
unauthenticated.
Any existing P-Asserted-Identity headers
are removed.
On Messages are not challenged for
authentication.
Messages with an existing P-Asserted-
Identity header are classified as
authenticated, and the header is passed
on unchanged.
Messages without an existing P-Asserted-
Identity header are classified as
unauthenticated.
Messages are not challenged for
authentication.
Messages with an existing P-Asserted-
Identity header are classified as
authenticated, and the header is passed
on unchanged.
Messages without an existing P-Asserted-
Identity header are classified as
unauthenticated.
Treat as
authenticated
Off Messages are not challenged for
authentication.
All messages are classified as
authenticated.
Any existing P-Asserted-Identity header is
removed and a new one containing the
VCS's originator ID is inserted into the
message.
Messages are not challenged for
authentication.
All messages are classified as
unauthenticated.
Any existing P-Asserted-Identity headers
are removed.
Cisco VCS Administrator Guide (X8.1.1) Page 106 of 507
Device authentication
About device authentication
To Next Page
Loading...
Need help?
General