Cisco FirePOWER ASA 5500 series Configuration Manual page 921

Appendix E Configuring an External Server for Authorization and Authentication
Table E-2 Security Appliance Supported LDAP Cisco Schema Attributes (continued)
Attribute Name/
OID (Object Identifier)
cVPN3000-Client-Type-Version-Limiting
cVPN3000-WebVPN-Content-Filter-
Parameters
cVPN3000-WebVPN-Enable-functions
cVPN3000-WebVPN-Exchange-Server-
Address
cVPN3000-WebVPN-Exchange-Server-
NETBIOS-Name
cVPN3000-Port-Forwarding-Name
cVPN3000-IETF-Radius-Framed-IP-
Address
cVPN3000-IETF-Radius-Framed-IP-
Netmask
cVPN3000-IETF-Radius-Session-Timeout
cVPN3000-IETF-Radius-Idle-Timeout
cVPN3000-IETF-Radius-Class
cVPN3000-IETF-Radius-Filter-Id
cVPN3000-Authorization-Required
cVPN3000-Authorization-Type
OL-10088-01
VPN Attr.
1
3000 ASA PIX OID
Y Y Y 55
Y Y 56
57
58
59
Y Y 60
Y Y Y 61
Y Y Y 62
Y Y Y 63
Y Y Y 64
Y Y Y 65
Y Y Y 66
Y 67
Y 68
Cisco Security Appliance Command Line Configuration Guide
Configuring an External LDAP Server
Single
or
Syntax/ Multi-
Type Valued Possible Values
String Single IPsec VPN client version
number string
Integer Single 1 = Java & ActiveX
2 = Java scripts
4 = Images
8 = Cookies in images
Add the values to filter multiple
parameters. For example: enter
10 to filter both Java scripts and
cookies. (10 = 2 + 8)
Integer Single Not used - deprecated
String Single Not used - deprecated
String Single Not used - deprecated
String Single Name string (for example,
"Corporate-Apps")
String Single An IP address
String Single An IP address
Integer Single 1-35791394 minutes
0 = Unlimited
Integer Single 1-35791394 minutes
0 = Unlimited
String Single Group name string. Use any of
the these three formats:
OU=Engineering
OU=Engineering;
Engineering
String Single An access-list
Integer Single 0 = No
1 = Yes
Integer Single 0 = None
1 = RADIUS
2 = LDAP
E-11