Appendix E
Configuring an External Server for Authorization and Authentication
Configuring an External LDAP Server

Table E-2  Security Appliance Supported LDAP Cisco Schema Attributes (continued)

| Attribute Name/OID (Object Identifier) | VPN 3000 / ASA / PIX | Attr. OID | Syntax/Type | Single or Multi-Valued | Possible Values |
|---|---|---|---|---|---|
| Firewall-ACL-Out | Y Y | 94 | String | Single | Access list ID |
| IKE-DPD-Retry-Interval | | | | | |
| IKE-Keep-Alives | Y Y Y | 29 | Boolean | Single | 0 = Disabled; 1 = Enabled |
| IPSec-Allow-Passwd-Store | Y Y Y | 12 | Boolean | Single | 0 = Disabled; 1 = Enabled |
| IPSec-Authentication | Y | 10 | Integer | Single | 0 = None; 1 = RADIUS; 2 = LDAP (authorization only); 3 = NT Domain; 4 = SDI; 5 = Internal; 6 = RADIUS with Expiry; 7 = Kerberos/Active Directory |
| IPSec-Auth-On-Rekey | Y Y Y | 30 | Boolean | Single | 0 = Disabled; 1 = Enabled |
| IPSec-Backup-Server-List | Y Y Y | 43 | String | Single | Server Addresses (space delimited) |
| IPSec-Backup-Servers | Y Y Y | 42 | String | Single | 1 = Use Client-Configured list; 2 = Disabled and clear client list; 3 = Use Backup Server list |
| IPSec-Banner1 | Y Y Y | 11 | String | Single | Banner string |
| IPSec-Banner2 | Y Y Y | 24 | String | Single | Banner string |
| IPSec-Client-Firewall-Filter-Name | Y | 40 | String | Single | Specifies the name of the filter to be pushed to the client as firewall policy. |
| IPSec-Client-Firewall-Filter-Optional | Y Y Y | 41 | Integer | Single | 0 = Required; 1 = Optional |
| IPSec-Default-Domain | Y Y Y | 17 | String | Single | Specifies the single default domain name to send to the client (1 - 255 characters). |

Cisco Security Appliance Command Line Configuration Guide, OL-12172-03