Cisco Systems OL-12180-01 manual Summary of Support, Radius Server Support, 12-3

Page 3

Chapter 12 Configuring AAA Servers and User Accounts

AAA Server and Local Database Support

RADIUS Server Support, page 12-3

TACACS+ Server Support, page 12-4

SDI Server Support, page 12-4

NT Server Support, page 12-5

Kerberos Server Support, page 12-5

LDAP Server Support, page 12-5

SSO Support for Clientless SSL VPN with HTTP Forms, page 12-6

Local Database Support, page 12-6

Summary of Support

Table 12-1summarizes the support for each AAA service by each AAA server type, including the local database. For more information about support for a specific AAA server type, refer to the topics following the table.

Table 12-1 Summary of AAA Support

 

Database Type

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

HTTP

AAA Service

Local

RADIUS

TACACS+

SDI

NT

Kerberos

LDAP

Form

 

 

 

 

 

 

 

 

 

Authentication of...

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

VPN users

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes1

Firewall sessions

Yes

Yes

Yes

Yes

Yes

Yes

Yes

No

 

 

 

 

 

 

 

 

 

Administrators

Yes

Yes

Yes

Yes2

Yes

Yes

Yes

No

Authorization of...

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

VPN users

Yes

Yes

No

No

No

No

Yes

No

 

 

 

 

 

 

 

 

 

Firewall sessions

No

Yes3

Yes

No

No

No

No

No

Administrators

Yes4

No

Yes

No

No

No

No

No

Accounting of...

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

VPN connections

No

Yes

Yes

No

No

No

No

No

 

 

 

 

 

 

 

 

 

Firewall sessions

No

Yes

Yes

No

No

No

No

No

 

 

 

 

 

 

 

 

 

Administrators

No

Yes5

Yes

No

No

No

No

No

1.HTTP Form protocol supports single sign-on authentication for Clientless SSL VPN connections only.

2.SDI is not supported for HTTP administrative access.

3.For firewall sessions, RADIUS authorization is supported with user-specific access lists only, which are received or specified in a RADIUS authentication response.

4.Local command authorization is supported by privilege level only.

5.Command accounting is available for TACACS+ only.

RADIUS Server Support

The security appliance supports RADIUS servers.

 

 

ASDM User Guide

 

 

 

 

 

 

OL-12180-01

 

 

12-3

 

 

 

 

 

Page 2 Page 4
Image 3
Page 2 Page 4
Contents About Authentication AAA Overview12-1 12-2 About AuthorizationAAA Server and Local Database Support About AccountingSummary of Support Radius Server Support12-3 SDI Server Support Authentication MethodsRadius Authorization Functions TACACS+ Server SupportSDI Version Support Two-step Authentication ProcessNT Server Support Kerberos Server Support12-6 Ldap Server SupportSSO Support for Clientless SSL VPN with Http Forms Local Database Support12-7 Configuring the Local DatabaseUser Profiles Fallback Support12-8 User Accounts12-9 Add/Edit User Account Identity12-10 Add/Edit User Account VPN Policy12-11 Identifying AAA Server Groups and Servers AAA Server Groups12-12 12-13 12-14 Add/Edit AAA Server GroupEdit AAA Local Server Group Add/Edit AAA Server12-15 12-16 12-17 12-18 12-19 Test AAA Server12-20 Configuring an Authentication Prompt12-21 Configuring an Ldap Attribute MapAdd/Edit Ldap Attribute Map Add/Edit Ldap Attribute Map Map Name Tab12-22 Add/Edit Ldap Attribute Map Map Value Tab Add/Edit Ldap Attributes Value Map12-23 12-24
Top Page Image Contents