C-11
Cisco ASA 5500 Series Configuration Guide using the CLI
AppendixC Configuring an External Server for Authorization and Authentication
Configuring an External LDAP Server
Tunneling-Protocols Y Y Y Integer Single 1 = PPTP
2 = L2TP
4 = IPSec (IKEv1)
8 = L2TP/IPSec
16 = WebVPN
32 = SVC
64 = IPsec (IKEv2)
8 and 4 are mutually exclusive
(0 - 11, 16 - 27, 32 - 43, 48 - 59 are
legal values).
Use-Client-Address Y Boolean Single 0 = Disabled
1 = Enabled
User-Auth-Server-Name Y String Single IP address or hostname
User-Auth-Server-Port Y Integer Single Port number for server protocol
User-Auth-Server-Secret Y String Single Server password
WebVPN-ACL-Filters Y String Single Webtype access list name
WebVPN-Apply-ACL-Enable Y Y Integer Single 0 = Disabled
1 = Enabled
With Version 8.0 and later, this
attribute is not required.
WebVPN-Citrix-Support-Enable Y Y Integer Single 0 = Disabled
1 = Enabled
With Versions 8.0 and later, this
attribute is not required.
WebVPN-Enable-functions Integer Single Not used - deprecated
WebVPN-Exchange-Server-
Address
String Single Not used - deprecated
WebVPN-Exchange-Server-
NETBIOS-Name
String Single Not used - deprecated
WebVPN-File-Access-Enable Y Y Integer Single 0 = Disabled
1 = Enabled
WebVPN-File-Server-Browsing-
Enable
Y Y Integer Single 0 = Disabled
1 = Enabled
WebVPN-File-Server-Entry-
Enable
Y Y Integer Single 0 = Disabled
1 = Enabled
WebVPN-Forwarded-Ports Y String Single Port-forward list name
WebVPN-Homepage Y Y String Single A URL such as
http://www.example.com
TableC-2 ASA Supported Cisco Attributes for LDAP Authorization (continued)
Attribute Name VPN 3000 ASA PIX
Syntax/
Type
Single or
Multi-Valued Possible Values