Cisco Systems ASA 5580 Webcam User Manual


 
8-7
Cisco ASA Series Firewall ASDM Configuration Guide
Chapter 8 Configuring AAA Rules for Network Access
Configuring Authentication for Network Access
Step 3 In the AAA Server Group drop-down list, choose a server group. To add a AAA server to the server
group, click Add Server.
If you chose LOCAL for the AAA server group, you can optionally add a new user by clicking Add User.
See the “Adding a User Account to the Local Database” section on page 33-3 in the general operations
configuration guide for more information.
Step 4 In the Source field, add the source IP address, or click the ellipsis (...) to choose an IP address already
defined in ASDM.
Step 5 In the Destination field, enter the destination IP address, or click the ellipsis (...) to choose an IP address
already defined in ASDM.
Step 6 In the Service field, enter an IP service name or number for the destination service, or click the ellipsis
(...) to choose a service.
Step 7 (Optional) In the Description field, enter a description.
Step 8 (Optional) Click More Options to do any of the following:
To specify a source service for TCP or UDP, enter a TCP or UDP service in the Source Service field.
The destination service and source service must be the same. Copy and paste the destination Service
field to the Source Service field.
To make the rule inactive, clear the Enable Rule check box.
You may not want to remove a rule, but instead turn it off.
To set a time range for the rule, In the Time Range drop-down list, choose an existing time range.
To add a new time range, click the ellipsis (...). For more information, see the “Configuring Time
Ranges” section on page 20-15 in the general operations configuration guide.
Step 9 Click OK.
The Add Authentication Rule dialog box closes and the rule appears in the AAA Rules table.
Step 10 Click Apply.
The changes are saved to the running configuration.
For more information about authentication, see the “Information About Authentication” section on
page 8-2.
Enabling the Redirection Method of Authentication for HTTP and HTTPS
This method of authentication enables HTTP(S) listening ports to authenticate network users. When you
enable a listening port, the ASA serves an authentication page for direct connections and, by enabling
redirection, for through traffic. This method also prevents the authentication credentials from continuing
to the destination server. See the “ASA Authentication Prompts” section on page 8-3 for more
information about the redirection method compared to the basic method.
To enable a AAA listener, perform the following steps:
Step 1 In the Configuration > Firewall > AAA Rules pane, click Advanced.
The AAA Rules Advanced Options dialog box appears.
Step 2 Under Interactive Authentication, click Add.
The Add Interactive Authentication Entry dialog box appears.