Configuring User Attributes; Viewing The Username Configuration; Configuring Attributes For Specific Users - Cisco PIX 500 Series Configuration Manual
Security appliance command line
Hide thumbs
Also See for PIX 500 Series:
- Administration manual (653 pages) ,
- Quick start manual (72 pages) ,
- User manual (60 pages)
Table of Contents
Advertisement
Chapter 30
Configuring Connection Profiles, Group Policies, and Users
hostname(config-username-webvpn)# no svc rekey method
hostname(config-username-webvpn)#
If, however, you specify the method as new-tunnel:
hostname(config-username-webvpn)# no svc rekey method new-tunnel
hostname(config-username-webvpn)#
but the current method is ssl, then the command fails, because the values don't match.
In the following example, the user configures the SVC to renegotiate with SSL during rekey and
configures the rekey to occur 30 minutes after the session begins:
hostname(config-group-webvpn)# svc rekey method ssl
hostname(config-group-webvpn)# svc rekey time 30
hostname(config-group-webvpn)#
Configuring User Attributes
This section describes user attributes and how to configure them. It includes the following sections:
•
•
By default, users inherit all user attributes from the assigned group policy. The security appliance also
lets you assign individual attributes at the user level, overriding values in the group policy that applies
to that user. For example, you can specify a group policy giving all users access during business hours,
but give a specific user 24-hour access.
Viewing the Username Configuration
To display the configuration for all usernames, including default values inherited from the group policy,
enter the all keyword with the show running-config username command, as follows:
hostname# show running-config all username
hostname#
This displays the encrypted password and the privilege level. for all users, or, if you supply a username,
for that specific user. If you omit the all keyword, only explicitly configured values appear in this list.
The following example displays the output of this command for the user named testuser:
hostname# show running-config all username testuser
username testuser password 12RsxXQnphyr/I9Z encrypted privilege 15
Configuring Attributes for Specific Users
To configure specific users, you assign a password (or no password) and attributes to a user using the
username command, which enters username mode. Any attributes that you do not specify are inherited
from the group policy.
OL-12172-03
Viewing the Username Configuration, page 30-73
Configuring Attributes for Specific Users, page 30-73
Cisco Security Appliance Command Line Configuration Guide
Configuring User Attributes
30-73
Advertisement
Table of Contents
Troubleshooting
