Cisco ASA 5505 User Manual
Page 1929
C-31
Cisco ASA 5500 Series Configuration Guide using the CLI
Appendix C Configuring an External Server for Authorization and Authentication
Configuring an External RADIUS Server
Required-Client-Firewall-Product-Code
Y
Y
Y
46
Integer
Single
Cisco Systems Products:
1 = Cisco Intrusion Prevention
Security Agent or Cisco
Integrated Client (CIC)
Zone Labs Products:
1 = Zone Alarm
2 = Zone AlarmPro
3 = Zone Labs Integrity
NetworkICE Product:
1 = BlackIce Defender/Agent
Sygate Products:
1 = Personal Firewall
2 = Personal Firewall Pro
3 = Security Agent
Required-Client-Firewall-Description
Y
Y
Y
47
String
Single
String
Require-HW-Client-Auth
Y
Y
Y
48
Boolean Single
0 = Disabled
1 = Enabled
Required-Individual-User-Auth
Y
Y
Y
49
Integer
Single
0 = Disabled
1 = Enabled
Authenticated-User-Idle-Timeout
Y
Y
Y
50
Integer
Single
1-35791394 minutes
Cisco-IP-Phone-Bypass
Y
Y
Y
51
Integer
Single
0 = Disabled
1 = Enabled
IPsec-Split-Tunneling-Policy
Y
Y
Y
55
Integer
Single
0 = No split tunneling
1 = Split tunneling
2 = Local LAN permitted
IPsec-Required-Client-Firewall-Capability
Y
Y
Y
56
Integer
Single
0 = None
1 = Policy defined by remote
FW Are-You-There (AYT)
2 = Policy pushed CPP
4 = Policy from server
IPsec-Client-Firewall-Filter-Name
Y
57
String
Single
Specifies the name of the filter
to be pushed to the client as
firewall policy
IPsec-Client-Firewall-Filter-Optional
Y
Y
Y
58
Integer
Single
0 = Required
1 = Optional
IPsec-Backup-Servers
Y
Y
Y
59
String
Single
1 = Use Client-Configured list
2 = Disable and clear client list
3 = Use Backup Server list
IPsec-Backup-Server-List
Y
Y
Y
60
String
Single
Server Addresses (space
delimited)
Table C-7
ASA Supported RADIUS Attributes and Values (continued)
Attribute Name
VPN
3000
ASA
PIX
Attr.
No.
Syntax/
Type
Single
or
Multi-
Valued
Description or Value