Cisco Systems OL-16647-01 Network Router User Manual


35-6
Cisco ASDM User Guide
OL-16647-01
Chapter 35 General
Group Policies
Modes
The following table shows the modes in which this feature is available:
Add AAA Server Group
The Add AAA Server Group dialog box lets you configure a new AAA server group. The Accounting
Mode attribute applies only to RADIUS and TACACS+ protocols.
Fields
Server Group—Specifies the name of the server group.
Protocol—(Display only) Indicates whether this is a RADIUS or an LDAP server group.
Accounting Mode—Indicates whether to use simultaneous or single accounting mode. In single
mode, the security appliance sends accounting data to only one server. In simultaneous mode, the
security appliance sends accounting data to all servers in the group. The Accounting Mode attribute
applies only to RADIUS and TACACS+ protocols.
Reactivation Mode—Specifies the method by which failed servers are reactivated: Depletion or
Timed reactivation mode. In Depletion mode, failed servers are reactivated only after all of the
servers in the group become inactive. In Timed mode, failed servers are reactivated after 30 seconds
of down time.
Dead Time—Specifies, for depletion mode, the number of minutes (0 through 1440) that must elapse
between the disabling of the last server in the group and the subsequent re-enabling of all servers.
The default value is 10 minutes. This field is not available for timed mode.
Max Failed Attempts—Specifies the number (an integer in the range 1 through 5) of failed
connection attempts allowed before declaring a nonresponsive server inactive. The default value is
3 attempts.
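The two reactivation modes described above, modelled as an added example (not Cisco code and not part of the manual). It assumes a server is declared inactive once its failure count reaches Max Failed Attempts; the server names and the timeline in demo() are constructed.

```python
from dataclasses import dataclass, field

TIMED_REACTIVATION_S = 30  # Timed mode: "reactivated after 30 seconds of down time"

@dataclass
class ServerGroup:
    names: list                   # server names in the group (constructed)
    mode: str = "depletion"       # reactivation mode: "depletion" or "timed"
    dead_time_min: int = 10       # depletion only, 0 through 1440 minutes
    max_failed_attempts: int = 3  # 1 through 5
    failures: dict = field(default_factory=dict)    # name -> failed attempts
    down_since: dict = field(default_factory=dict)  # name -> time marked inactive

    def __post_init__(self):  # enforce the documented field ranges
        if self.mode not in ("depletion", "timed"):
            raise ValueError("mode must be 'depletion' or 'timed'")
        if not (0 <= self.dead_time_min <= 1440 and 1 <= self.max_failed_attempts <= 5):
            raise ValueError("dead time is 0-1440 minutes, max failed attempts is 1-5")

    def record_failure(self, name, now):
        if name in self.down_since:
            return  # already inactive
        self.failures[name] = self.failures.get(name, 0) + 1
        # Assumption: the server is declared inactive once the count is reached.
        if self.failures[name] >= self.max_failed_attempts:
            self.down_since[name] = now

    def active(self, now):
        """Apply the reactivation rule at time `now` (seconds); return active names."""
        down, revive = self.down_since, []
        if self.mode == "timed":
            revive = [n for n, t in down.items() if now - t >= TIMED_REACTIVATION_S]
        elif down and len(down) == len(self.names) and \
                now - max(down.values()) >= self.dead_time_min * 60:
            revive = list(down)  # depletion: all return together after the dead time
        for n in revive:
            del down[n]
            self.failures[n] = 0
        return [n for n in self.names if n not in down]

def demo(mode):
    """Constructed timeline: aaa1 goes down at t=0 s, aaa2 at t=60 s."""
    g = ServerGroup(["aaa1", "aaa2"], mode=mode)
    for _ in range(3):
        g.record_failure("aaa1", now=0)
    seen = [g.active(10), g.active(40)]
    for _ in range(3):
        g.record_failure("aaa2", now=60)
    return seen + [g.active(70), g.active(660)]
```

In this model, demo("depletion") leaves the group with no active server from the second failure until the dead time has elapsed, while demo("timed") brings each server back on its own after 30 seconds.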
Adding or Editing a Remote Access Internal Group Policy, General Attributes
The Add or Edit Group Policy window lets you specify tunneling protocols, filters, connection settings,
and servers for the group policy being added or modified. For each of the fields on this window, checking
the Inherit check box lets the corresponding setting take its value from the default group policy. Inherit
is the default value for all of the attributes on this dialog box.
Fields
The following attributes appear in the Add Internal Group Policy > General window. They apply to SSL
VPN and IPSec sessions, or clientless SSL VPN sessions. Thus, several are present for one type of
session, but not the other.
Name—Specifies the name of this group policy. For the Edit function, this field is read-only.
Banner—Specifies the banner text to present to users at login. The length can be up to 491
characters. There is no default value.
Modes table columns: Firewall Mode (Routed, Transparent); Security Context (Single, Multiple: Context, System)
——