6-32
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 6 Managing Policy Objects
Understanding AAA Server and Server Group Objects
AAA Server Dialog Box—RADIUS Settings
Use the RADIUS settings in the AAA Server dialog box to configure a RADIUS AAA server object.
Navigation Path
Go to the Add or Edit AAA Server Dialog Box, page 6-30 and select RADIUS in the Protocol field.
Related Topics
Creating AAA Server Objects, page 6-29
Timeout The amount of time to wait for a response to a request until the AAA
server is considered unresponsive. If there are other servers in the
group, the next server is tried.
Cisco IOS routers—The range is 1-1000 seconds. The default is 5
seconds.
ASA/PIX 7.x+, FWSM 3.1+ devices—The range is 1-300 seconds.
The default is 10 seconds.
PIX 6.3 firewalls—The range is 1-512 seconds. The default is 5
seconds.
IPS devices—The range is 1-512 seconds. The default is 3 seconds.
Protocol The protocol used by the AAA server. The fields below the protocol list
change depending on your selection.
For specific information about the fields, see the topics indicated.
The following protocols are the most common:
RADIUS—All device types. See AAA Server Dialog
Box—RADIUS Settings, page 6-32.
TACACS+—All device types except IPS. See AAA Server
Dialog Box—TACACS+ Settings, page 6-35.
The following protocols are supported for ASA/PIX 7.x+ and
FWSM 3.1+ devices; LDAP is supported on IOS devices that
support ScanSafe policies:
Kerberos—S ee AAA Server Dialog Box—Kerberos Settings,
page 6-36.
LDAP—See AAA Server Dialog Box—LDAP Settings,
page 6-37.
NT—See AAA Server Dialog Box—NT Settings, page 6-40.
SDI—See AAA Server Dialog Box—SDI Settings, page6-40.
HTTP-FORM—See AAA Server Dialog Box—HTTP-FORM
Settings, page 6-41.
Category The category assigned to the object. Categories help you organize and
identify rules and objects. See Using Category Objects, page 6-12.
Table6-7 AAA Server Dialog Box—General Settings (Continued)
Element Description