Filter
Top Products
12-3
ASDM User Guide
OL-12180-01
Chapter 12 Configuring AAA Servers and User Accounts
AAA Server and Local Database Support
• RADIUS Server Support, page 12-3
• TACACS+ Server Support, page 12-4
• SDI Server Support, page 12-4
• NT Server Support, page 12-5
• Kerberos Server Support, page 12-5
• LDAP Server Support, page 12-5
• SSO Support for Clientless SSL VPN with HTTP Forms, page 12-6
• Local Database Support, page 12-6
Summary of Support
Table 12-1 summarizes the support for each AAA service by each AAA server type, including the local
database. For more information about support for a specific AAA server type, refer to the topics
following the table.
RADIUS Server Support
The security appliance supports RADIUS servers.
Table 12-1 Summary of AAA Support
AAA Service
Database Type
Local RADIUS TACACS+ SDI NT Kerberos LDAP
HTTP
Form
Authentication of...
VPN users Yes Yes Yes Yes Yes Yes Yes Yes
1
1. HTTP Form protocol supports single sign-on authentication for Clientless SSL VPN connections only.
Firewall sessions Yes Yes Yes Yes Yes Yes Yes No
Administrators Yes Yes Yes Yes
2
2. SDI is not supported for HTTP administrative access.
Yes Yes Yes No
Authorization of...
VPN users Yes Yes No No No No Yes No
Firewall sessions No Yes
3
3. For firewall sessions, RADIUS authorization is supported with user-specific access lists only, which are received or
specified in a RADIUS authentication response.
Yes NoNoNo NoNo
Administrators Yes
4
4. Local command authorization is supported by privilege level only.
No Yes NoNoNo NoNo
Accounting of...
VPN connections No Yes Yes No No No No No
Firewall sessions No Yes Yes No No No No No
Administrators No Yes
5
5. Command accounting is available for TACACS+ only.
Yes NoNoNo NoNo