Contents
xxviii
Cisco ASA 5500 Series Configuration Guide using the CLI
Configuring TACACS+ Command Authorization 37-29
Configuring Management Access Accounting 37-30
Viewing the Currently Logged-In User 37-30
Recovering from a Lockout 37-31
Setting a Management Session Quota 37-32
Feature History for Management Access 37-33
CHAPTER
38 Configuring AAA Rules for Network Access 38-1
AAA Performance 38-1
Licensing Requirements for AAA Rules 38-1
Guidelines and Limitations 38-2
Configuring Authentication for Network Access 38-2
Information About Authentication 38-2
One-Time Authentication 38-2
Applications Required to Receive an Authentication Challenge 38-2
ASA Authentication Prompts 38-3
Static PAT and HTTP 38-4
Configuring Network Access Authentication 38-4
Enabling Secure Authentication of Web Clients 38-6
Authenticating Directly with the ASA 38-7
Authenticating HTTP(S) Connections with a Virtual Server 38-8
Authenticating Telnet Connections with a Virtual Server 38-9
Configuring Authorization for Network Access 38-11
Configuring TACACS+ Authorization 38-11
Configuring RADIUS Authorization 38-14
Configuring a RADIUS Server to Send Downloadable Access Control Lists 38-14
Configuring a RADIUS Server to Download Per-User Access Control List Names 38-18
Configuring Accounting for Network Access 38-18
Using MAC Addresses to Exempt Traffic from Authentication and Authorization 38-20
Feature History for AAA Rules 38-21
CHAPTER
39 Configuring Filtering Services 39-1
Information About Web Traffic Filtering 39-1
Configuring ActiveX Filtering 39-2
Information About ActiveX Filtering 39-2
Licensing Requirements for ActiveX Filtering 39-2
Guidelines and Limitations for ActiveX Filtering 39-3
Configuring ActiveX Filtering 39-3