Cisco ASA 5505 User Manual

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 35 Configuring AAA Servers and the Local Database

Configuring AAA

Step 4

reactivation-mode {depletion [deadtime minutes] | timed}

Example:

hostname(config-aaa-server-group)# reactivation-mode depletion deadtime 20

Specifies the method (reactivation policy) by which
failed servers in a group are reactivated.

The depletion keyword reactivates failed servers only
after all of the servers in the group are inactive.

The deadtime minutes keyword-argument pair specifies
the amount of time in minutes, between 0 and 1440, that
elapses between the disabling of the last server in the
group and the subsequent reenabling of all servers. The
default is 10 minutes.

The timed keyword reactivates failed servers after 30
seconds of down time.

Step 5

accounting-mode simultaneous

Example:

hostname(config-aaa-server-group)# accounting-mode simultaneous

Sends accounting messages to all servers in the group
(RADIUS or TACACS+ only).

To restore the default of sending messages only to the
active server, enter the accounting-mode single
command.

Step 6

aaa-server server_group [interface_name] host server_ip

Example:

hostname(config)# aaa-server servergroup1 outside host 10.10.1.1

Identifies the server and the AAA server group to which
it belongs.

When you enter the aaa-server host command, you enter
aaa-server host configuration mode. As needed, use host
configuration mode commands to further configure the
AAA server.

The commands in host configuration mode do not apply
to all AAA server types. Table 35-2 lists the available
commands, the server types to which they apply, and
whether or not a new AAA server definition has a default
value for that command. Where a command is applicable
to the specified server type and no default value is
provided (indicated by “—”), use the command to
specify the value.

Table 35-2 Host Mode Commands, Server Types, and Defaults

Command               Applicable AAA Server Types   Default Value   Description
accounting-port       RADIUS                        1646
acl-netmask-convert   RADIUS                        standard
authentication-port   RADIUS                        1645
kerberos-realm        Kerberos
key                   RADIUS
                      TACACS+
ldap-attribute-map    LDAP
ldap-base-dn          LDAP
ldap-login-dn         LDAP
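
Added example (not part of the Cisco guide): a Python check that reads a saved configuration and applies the values given above, namely the Table 35-2 port defaults, the Step 4 deadtime range and default, the Step 5 accounting default, and the absence of a default for key. The running-config layout (indented sub-commands, parenthesized interface name), the group and host names, and the key string in SAMPLE are constructed assumptions.

```python
import re

RADIUS_DEFAULTS = {"authentication-port": "1645", "accounting-port": "1646"}  # Table 35-2
GROUP_DEFAULTS = {"accounting-mode": "single", "deadtime": 10}  # Steps 4 and 5
NEEDS_KEY = {"radius", "tacacs+"}  # Table 35-2 lists key for both, with no default

# Constructed sample in an assumed running-config layout; not from a real device.
SAMPLE = """\
aaa-server servergroup1 protocol radius
 reactivation-mode depletion deadtime 20
 accounting-mode simultaneous
aaa-server servergroup1 (outside) host 10.10.1.1
 key EXAMPLE-ONLY
aaa-server servergroup1 (outside) host 10.10.1.2
 authentication-port 1812
aaa-server tacgroup protocol tacacs+
aaa-server tacgroup (inside) host 10.10.2.1
"""

def parse_aaa(text):  # returns {group: settings} with the defaults above filled in
    groups, cur = {}, None
    for line in text.splitlines():
        m = re.match(r"aaa-server (\S+) protocol (\S+)", line)
        h = re.match(r"aaa-server (\S+) (?:\(?\S+\)? )?host (\S+)", line)
        if m:
            cur = groups.setdefault(m[1], {"protocol": m[2], "hosts": {}, **GROUP_DEFAULTS})
        elif h and h[1] in groups:
            radius = groups[h[1]]["protocol"] == "radius"
            cur = groups[h[1]]["hosts"].setdefault(h[2], dict(RADIUS_DEFAULTS) if radius else {})
        elif line.startswith(" ") and cur is not None:
            w = line.split()
            if len(w) > 1:
                cur[w[0]] = w[1]  # e.g. key, accounting-mode, authentication-port
            if "deadtime" in w[:-1]:
                cur["deadtime"] = int(w[w.index("deadtime") + 1])
        else:
            cur = None  # any other top-level line ends the current sub-mode
    return groups

def audit(groups):  # returns findings that follow from the rules stated on this page
    out = []
    for name, g in groups.items():
        if not 0 <= g["deadtime"] <= 1440:
            out.append(f"{name}: deadtime {g['deadtime']} outside 0-1440")
        for ip, h in g["hosts"].items():
            if g["protocol"] in NEEDS_KEY and "key" not in h:
                out.append(f"{name}/{ip}: no key configured")
            out += [f"{name}/{ip}: {o} left at default {d}" for o, d in RADIUS_DEFAULTS.items()
                    if g["protocol"] == "radius" and h.get(o) == d]
    return out
```

Calling audit(parse_aaa(SAMPLE)) returns five findings: two hosts without a key and three RADIUS port settings still at the Table 35-2 defaults, which should be compared with the ports the RADIUS server actually listens on.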
