User Management
Configuring User Authentication Settings
Cisco ISA500 Series Integrated Security Appliances Administration Guide 395
9
-Retries: Enter the number of times that the security appliance will try to
contact the RADIUS server. The range is 0-10 attempts. The default value
is 2.
The security appliance first sends a request message to the primary
RADIUS server. If there is no response from the primary RADIUS server, the
security appliance waits the number of seconds that you set in the RADIUS
Server Timeout field, and then sends another request message. This
continues for the number of times that you set in the Retries field (or until
there is a valid response). If there is no valid response from the primary
RADIUS server after the specified number of retries, the security appliance
uses the secondary RADIUS server for the next authentication attempt. If the
secondary server also fails to respond after the specified number of retries,
the connection is dropped.
•RADIUS Servers: Choose the RADIUS group index from the drop-down list.
The RADIUS server settings of the selected group are displayed. You can
edit these settings here but the settings you specify will replace the default
settings of the selected group. To maintain the RADIUS server settings, go to
the Users > RADIUS Servers page. See Configuring RADIUS S ervers,
page 401.
STEP 5 In the RADIUS Users tab, en ter the followin g inform ation:
•Allow Only Users Listed Locally: Click On to allow only the RADIUS users
who also are present in the local database to login, or click Off to disable it.
•Mechanism for Setting User Group Memberships for RADIUS Users:
Select one of the following mechanisms to configure the user group
memberships for RADIUS users:
-Use RADIUS Filter-ID: Find the user group information by using the
Framed-Filter-ID attribute from the RADIUS server.
For example, the RADIUS server has three user groups (Group1, Group2,
and Group3) and the local database has two user groups (Group1 and
Group2). The following table displays the user group membership
settings.
Local
Database
Settings
RADIUS Server Settings
User1 in
Group1
User1 in
Group2
User1 in
Group3