12-14
ASDM User Guide
OL-12180-01
Chapter12 Configuring AAA Servers and User Accounts
Identifying AAA Server Groups and Servers
Delete—Removes the selected AAA server from the list.
Move up—Moves the selected AAA server up in the AAA sequence.
Move down—Moves the selected AAA server back in the AAA sequence.
Test—Displays the Test AAA Server dialog box.
Modes
The following table shows the modes in which this feature is available:
Add/Edit AAA Server Group
The Add/Edit AAA Server Group dialog box lets you add or modify AAA server groups. The results
appear in the AAA Server table.
Fields
Server Group—Display only.Shows the name of the selected server group.
Protocol drop-down list—Specifies the protocols supported by servers in the group. They include
RADIUS,TACACS+, NT Domain, SDI, Kerberos,LDAP, and HTTP Form for single sign-on (users
of Clientless SSL VPN only).
Note The following fields are not available after selecting the HTTP Form protocol.
Accounting Mode—Specifies the accounting mode used with the server group.
Simultaneous—Configures the security appliance to send accounting data to all servers in the
group.
Single—Configures the security appliance to send accounting data to only one server of the
group.
Reactivation Mode—Specifies the method by which failed servers are reactivated.
Depletion—Configures the security appliance to reactivate failed servers only after all of the
servers in the group are inactive.
Timed—Configures the security appliance to reactive failed servers after 30 seconds of down
time.
Dead Time—Specifies the number of minutes that will elapse between the disabling of the last
serverin the group and the subsequent reenabling of all servers. This field is not available for timed
mode.
Max Failed Attempts—Specifies the number of failed connection attempts (1 through 5) allowed
before declaring a nonresponsive server inactive.
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
••
1
1. HTTP Form and Clientless SSL VPN are supported only in single routed mode.
••