Cisco Systems CL-28826-01

15-29

User Guide for Cisco Security Manager 4.4

OL-28826-01

Chapter15 Managing Firewall AAA Rules

AAA Firewall Settings Policies

HTTP/NTLM Tab The HTTP and the NTLM areas contain the same following fields and

selections:

Set the Inactivity/Cache Time and the Absolute Time for

HTTP/NTLM and then, if desired, select Enable Passive

Authentication. Finally, select the Identity Policy that you want to

apply.

Method Order Tab Select the checkbox of each method you want to employ and then use

the up and down arrows to arrange the methods in the order you desire.

AAA Settings Tab Select the AAA Settings tab to specify the Authentication,

Authorization, and Account settings as detailed below.

Authenticate Using In the Authenticate Using section you can select the server group(s) to

use for authentication. Choices are:

•None—No authentication

•Default—Use the default authentication server group(s).

•Custom—Enable the selection of user specified authentication

server group(s). Then click Select to specify or add a server group.

Authorize Exec Operation Using In the Authorize Exec Operation Using section you can select the server

group(s) to use for authorization of executive operations. Choices are:

•None—No authorization

•Default—Use the default authorization server group(s)

•Custom—Enable the selection of user specified authorization

server group(s). Then click Select to specify or add a server group.

Perform Exec Operation Using In the Authorize Exec Operation Using section you can select the server

group(s) to use for performing executive operations. Choices are:

•None—No authorization

•Default—Use the default server group(s)

•Custom—Enable the selection of user specified server group(s).

Then click Select to specify or add a server group.

Accounting Notice Use Accounting Notice to specify accounting operations.

•None—No accounting notices

•Start-stop—Accounting notices at the beginning and end of

operations

•Stop-only—Accounting notices at the end of operations.

Accounting Server Groups Specify what accounting server groups to use. Either enter or select the

Accounting Server group.

Note If you choose to select an accounting server group, you are also

give the option to add an Accounting Server group.

Use Broadcast for Accounting Select this checkbox to broadcast accounting notices.

Table15-9 Firewall AAA IOS Timeout Value Setting Dialog Box (Continued)

Element Description