Contents
xxx
Cisco ASA 5500 Series Configuration Guide using ASDM
CHAPTER
38 Configuring AAA Servers and the Local Database 38-1
Information About AAA 38-1
Information About Authentication 38-2
Information About Authorization 38-2
Information About Accounting 38-3
Summary of Server Support 38-3
RADIUS Server Support 38-4
Authentication Methods 38-4
Attribute Support 38-4
RADIUS Authorization Functions 38-5
TACACS+ Server Support 38-5
RSA/SDI Server Support 38-5
RSA/SDI Version Support 38-5
Two-step Authentication Process 38-5
RSA/SDI Primary and Replica Servers 38-6
NT Server Support 38-6
Kerberos Server Support 38-6
LDAP Server Support 38-6
Authentication with LDAP 38-6
LDAP Server Types 38-7
HTTP Forms Authentication for Clientless SSL VPN 38-7
Local Database Support, Including as a Falback Method 38-7
How Fallback Works with Multiple Servers in a Group 38-8
Using Certificates and User Login Credentials 38-8
Using User Login Credentials 38-8
Using Certificates 38-9
Licensing Requirements for AAA Servers 38-9
Guidelines and Limitations 38-10
Configuring AAA 38-10
Task Flow for Configuring AAA 38-10
Configuring AAA Server Groups 38-11
Adding a Server to a Group 38-13
Configuring AAA Server Parameters 38-13
RADIUS Server Fields 38-14
TACACS+ Server Fields 38-15
SDI Server Fields 38-15
Windows NT Domain Server Fields 38-16
Kerberos Server Fields 38-16
LDAP Server Fields 38-17
