6-46
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 6 Managing Policy Objects
Understanding AAA Server and Server Group Objects
Step 5 Select the protocol to be used by the servers in the group.
Step 6 Enter the names of the AAA server policy objects that define the AAA servers to include in the group.
Click Select to select the objects from a list filtered by the protocol you selected. You can also create
new AAA server objects from the selection list. Separate multiple objects with commas.
Step 7 Configure the additional options that you want:
Make this Group the Default AAA Server Group—For IOS devices only, whether you are using this
group as the default group. Use this option if you intend to have a single global server group for this
protocol for all policies requiring AAA. For more information, see Default AAA Server Groups and
IOS Devices, page 6-28.
ASA 8.4(2+) devices—If you are creating a RADIUS group containing Active Directory agent
servers, select AD Agent Mode. This option indicates that the servers in the group are not
full-function RADIUS servers but instead provide AD agent functions for identity-aware firewall.
Use this group in the Identity Options policy.
ASA, PIX, FWSM devices—Select options for how to handle AAA servers that stop responding,
and for how to send accounting messages. For more information, see AAA Server Group Dialog
Box, page 6-46.
Step 8 (Optional) Under Category, select a category to help you identify this object in the Objects table. See
Using Category Objects, page 6-12.
Step 9 (Optional) Select Allow Value Override per Device to allow the properties of this object to be redefined
on individual devices. See Allowing a Policy Object to Be Overridden, page 6-18.
Step 10 Click OK to save the object.
AAA Server Group Dialog Box
Use the AAA Server Group dialog box to create, copy, and edit AAA server groups. When defining a
policy that uses a AAA server for authentication, authorization, or accounting, you select the server by
selecting the server group to which the server belongs.
Navigation Path
Select Manage > Policy Objects, then select AAA Server Groups from the Object Type Selector.
Right-click inside the work area and select New Object or right-click a row and select Edit Object.
Related Topics
Creating AAA Server Group Objects, page 6-45
Understanding AAA Server and Server Group Objects, page 6-24
Creating Policy Objects, page 6-9
Add or Edit AAA Server Dialog Box, page 6-30
Policy Object Manager, page 6-4