Cisco Systems OL-12180-01 user manual

User manual for the device Cisco Systems OL-12180-01

Device: Cisco Systems OL-12180-01
Category: Server
Manufacturer: Cisco Systems
Size: 0.41 MB
Added : 6/4/2013
Number of pages: 24
Print the manual

Download

How to use this site?

Our goal is to provide you with a quick access to the content of the user manual for Cisco Systems OL-12180-01. Using the online preview, you can quickly view the contents and go to the page where you will find the solution to your problem with Cisco Systems OL-12180-01.

For your convenience

If looking through the Cisco Systems OL-12180-01 user manual directly on this website is not convenient for you, there are two possible solutions:

  • Full Screen Viewing - to easily view the user manual (without downloading it to your computer), you can use full-screen viewing mode. To start viewing the user manual Cisco Systems OL-12180-01 on full screen, use the button Fullscreen.
  • Downloading to your computer - You can also download the user manual Cisco Systems OL-12180-01 to your computer and keep it in your files. However, if you do not want to take up too much of your disk space, you can always download it in the future from ManualsBase.
Cisco Systems OL-12180-01 User manual - Online PDF
Advertisement
« Page 1 of 24 »
Advertisement
Print version

Many people prefer to read the documents not on the screen, but in the printed version. The option to print the manual has also been provided, and you can use it by clicking the link above - Print the manual. You do not have to print the entire manual Cisco Systems OL-12180-01 but the selected pages only. paper.

Summaries

Below you will find previews of the content of the user manuals presented on the following pages to Cisco Systems OL-12180-01. If you want to quickly view the content of pages found on the following pages of the manual, you can use them.

Abstracts of contents
Summary of the content on the page No. 1

CHAPTER12
Configuring AAA Servers and User Accounts
This chapter describes support for AAA (pronounced “triple A”) and how to configure AAA servers and
the local database.
This chapter contains the following sections:
• AAA Overview, page 12-1
• AAA Server and Local Database Support, page 12-2
• Configuring the Local Database, page 12-7
• Identifying AAA Server Groups and Servers, page 12-12
• Configuring an Authentication Prompt, page 12-20
• Configuring an LDAP Attribute Map, page 12-21
AAA Ov

Summary of the content on the page No. 2

Chapter 12 Configuring AAA Servers and User Accounts AAA Server and Local Database Support • All administrative connections to the security appliance including the following sessions: – Telnet – SSH – Serial console – ASDM (using HTTPS) – VPN management access • The enable command • Network access • VPN access About Authorization Authorization controls access per user after users authenticate. You can configure the security appliance to authorize the following items: • Management commands

Summary of the content on the page No. 3

Chapter 12 Configuring AAA Servers and User Accounts AAA Server and Local Database Support • RADIUS Server Support, page 12-3 • TACACS+ Server Support, page 12-4 • SDI Server Support, page 12-4 • NT Server Support, page 12-5 • Kerberos Server Support, page 12-5 • LDAP Server Support, page 12-5 • SSO Support for Clientless SSL VPN with HTTP Forms, page 12-6 • Local Database Support, page 12-6 Summary of Support Table 12-1 summarizes the support for each AAA service by each AAA server type,

Summary of the content on the page No. 4

Chapter 12 Configuring AAA Servers and User Accounts AAA Server and Local Database Support This section contains the following topics: • Authentication Methods, page 12-4 • Attribute Support, page 12-4 • RADIUS Authorization Functions, page 12-4 Authentication Methods The security appliance supports the following authentication methods with RADIUS: • PAP—For all connection types. • CHAP—For L2TP-over-IPSec. • MS-CHAPv1—For L2TP-over-IPSec. • MS-CHAPv2—For L2TP-over-IPSec, and for regular

Summary of the content on the page No. 5

Chapter 12 Configuring AAA Servers and User Accounts AAA Server and Local Database Support • Two-step Authentication Process, page 12-5 • SDI Primary and Replica Servers, page 12-5 SDI Version Support The security appliance supports SDI Version 5.0 and 6.0. SDI uses the concepts of an SDI primary and SDI replica servers. Each primary and its replicas share a single node secret file. The node secret file has its name based on the hexadecimal value of the ACE/Server IP address with .sdi app

Summary of the content on the page No. 6

Chapter 12 Configuring AAA Servers and User Accounts AAA Server and Local Database Support LDAP Server Support This section describes using an LDAP directory with the security appliance for user authentication and VPN authorization. During authentication, the security appliance acts as a client proxy to the LDAP server for the user, and authenticates to the LDAP server in either plain text or using the Simple Authentication and Security Layer (SASL) protocol. By default, the security appl

Summary of the content on the page No. 7

Chapter 12 Configuring AAA Servers and User Accounts Configuring the Local Database User Profiles User profiles contain, at a minimum, a username. Typically, a password is assigned to each username, although passwords are optional. You can add other information to a specific user profile. The information you can add includes VPN-related attributes, such as a VPN session timeout value. Fallback Support The local database can act as a fallback method for several functions. This behavior is

Summary of the content on the page No. 8

Chapter 12 Configuring AAA Servers and User Accounts Configuring the Local Database User Accounts The User Accounts pane lets you manage the local user database. The local database is used for the following features: • ASDM per-user access By default, you can log into ASDM with a blank username and the enable password (see Device Name/Password, page 10-12). However, if you enter a username and password at the login screen (instead of leaving the username blank), ASDM checks the local data

Summary of the content on the page No. 9

Chapter 12 Configuring AAA Servers and User Accounts Configuring the Local Database • VPN Group Lock—Specifies what, if any, group lock policy is in effect for this user. Not available in multimode. • Add—Displays the Add User Account dialog box. • Edit—Displays the Edit User Account dialog box. • Delete—Removes the selected row from the table. There is no confirmation or undo. Modes The following table shows the modes in which this feature is available: Firewall Mode Security Context Mul

Summary of the content on the page No. 10

Chapter 12 Configuring AAA Servers and User Accounts Configuring the Local Database Privilege Level—Selects the privilege level for this user to use with local command authorization. The range is 0 (lowest) to 15 (highest). See the “Configuring Local Command Authorization” section on page 13-31 for more information. – CLI login prompt for SSH, Telnet and console (no ASDM access)—If you configure authentication for management access using the local database (see the “Configuring Authentica

Summary of the content on the page No. 11

Chapter 12 Configuring AAA Servers and User Accounts Configuring the Local Database L2TP over IPSec—Allows remote users with VPN clients provided with several common PC and mobile PC operating systems to establish secure connections over the public IP network to the security appliance and private corporate networks. Note If no protocol is selected, an error message appears. • Filter—Specifies what filter to use, or whether to inherit the value from the group policy. Filters consist of rul

Summary of the content on the page No. 12

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers – Subnet Mask list—Specifies the subnet mask for the Dedicated IP address. Check the Group Lock check box to restrict users to remote access through this group only. Group Lock restricts users by checking if the group configured in the VPN client is the same as the user’s assigned group. If it is not, the VPN Concentrator prevents the user from connecting. If this box is unchecked (the default),

Summary of the content on the page No. 13

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers If AAA accounting is in effect, the accounting information goes only to the active server, unless you have configured simultaneous accounting. For an overview of AAA services, see the “AAA Overview” section on page 12-1. Fields The fields in the AAA Server Groups pane are grouped into two main areas: the AAA Server Groups area and the Servers In The Selected Group area. The AAA Server Groups are

Summary of the content on the page No. 14

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers • Delete—Removes the selected AAA server from the list. • Move up—Moves the selected AAA server up in the AAA sequence. • Move down—Moves the selected AAA server back in the AAA sequence. • Test—Displays the Test AAA Server dialog box. Modes The following table shows the modes in which this feature is available: Firewall Mode Security Context Multiple Routed Transparent Single Context System 1 •

Summary of the content on the page No. 15

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers Modes The following table shows the modes in which this feature is available: Firewall Mode Security Context Multiple Routed Transparent Single Context System 1 •• •• — 1. HTTP Form and Clientless SSL VPN are supported only in single routed mode. Edit AAA Local Server Group The Edit AAA Local Server Group dialog box lets you specify whether to enable local user lockout and the maximum number of

Summary of the content on the page No. 16

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers • Server Name or IP Address—Specifies the name or IP address of the AAA server. • Timeout—Specifies the timeout interval, in seconds. This is the time after which the security appliance gives up on the request to the primary AAA server. If there is a standby AAA server, the security appliance sends the request to the backup server. • RADIUS Parameters area—Specifies the parameters needed for usi

Summary of the content on the page No. 17

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers If you choose Detect Automatically, the security appliance attempts to determine the type of netmask expression used. If it detects a wildcard netmask expression, it converts it to a standard netmask expression; however, because some wildcard expressions are difficult to detect unambiguously, this setting may occasionally misinterpret a wildcard netmask expression as a standard netmask expressio

Summary of the content on the page No. 18

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers – Naming Attribute(s)—Specifies the Relative Distinguished Name attribute (or attributes) that uniquely identifies an entry on the LDAP server. Common naming attributes are Common Name (cn) and User ID (uid). – Login DN—Specifies the login DN. Some LDAP servers (including the Microsoft Active Directory server) require the security appliance to establish a handshake via authenticated binding befo

Summary of the content on the page No. 19

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers – Start URL—Specifies the complete URL of the authenticating web server location where a pre-login cookie can be retrieved. This parameter must be configured only when the authenticating web server loads a pre-login cookie with the login page. A drop-down list offers both HTTP and HTTPS. The maximum number of characters is 1024, and there is no minimum. – Action URI—Specifies the complete Unifor

Summary of the content on the page No. 20

Chapter 12 Configuring AAA Servers and User Accounts Configuring an Authentication Prompt Tip Checking for basic network connectivity to the AAA server may save you time in troubleshooting. To test basic connectivity, click Tools > Ping. Fields • AAA Server Group—Display only. Shows the AAA server group that the selected AAA server belongs to. • Host —Display only. Shows the hostname of the AAA server you selected. • Authorization—Specifies that ASDM tests authorizing a user with the sele


Alternative user manuals
# User manual Category Download
1 Cisco Systems 6200 User manual Server 0
2 Cisco Systems Be6000 Ucs C220m3 HdBE6KSTBDLPLSK9 User manual Server 54
3 Cisco Systems 5.4 User manual Server 0
4 Cisco Systems A03D1TBSATA User manual Server 0
5 Cisco Systems 6 User manual Server 0
6 Cisco Systems Cisco 1121 Secure Access Control System CSACS1121UPK9 User manual Server 25
7 Cisco Systems Cisco Access Registrar 3.5 User manual Server 0
8 Cisco Systems C24 M3 User manual Server 0
9 Cisco Systems Cisco Network StorageC220 User manual Server 1
10 Cisco Systems 3.3 User manual Server 0
11 Cisco Systems Channelized T3 Trunk Card AS5800 User manual Server 0
12 Cisco Systems Cisco Network StorageUCSRAID9266CV User manual Server 0
13 Cisco Systems Cisco Network Storage9266CV-8i User manual Server 0
14 Cisco Systems Cisco Network StorageUCSSP6C220E User manual Server 0
15 Cisco Systems 4.2 User manual Server 6
16 Edelbrock 1921 User manual Server 0
17 Sony VAIO VGF-HS1 User manual Server 11
18 Sony NAS-SV20DI User manual Server 1
19 3Com 10031370-01 User manual Server 1
20 3Com SuperStack 3 User manual Server 9