Cisco ASA 5505 User Manual

C-11

Cisco ASA 5500 Series Configuration Guide using the CLI

Appendix C Configuring an External Server for Authorization and Authentication

Configuring an External LDAP Server

Tunneling-Protocols

Y

Y

Y

Integer

Single

1 = PPTP
2 = L2TP
4 = IPSec (IKEv1)
8 = L2TP/IPSec
16 = WebVPN
32 = SVC
64 = IPsec (IKEv2)
8 and 4 are mutually exclusive
(0 - 11, 16 - 27, 32 - 43, 48 - 59 are
legal values).

Use-Client-Address

Y

Boolean Single

0 = Disabled
1 = Enabled

User-Auth-Server-Name

Y

String

Single

IP address or hostname

User-Auth-Server-Port

Y

Integer

Single

Port number for server protocol

User-Auth-Server-Secret

Y

String

Single

Server password

WebVPN-ACL-Filters

Y

String

Single

Webtype access list name

WebVPN-Apply-ACL-Enable

Y

Y

Integer

Single

0 = Disabled
1 = Enabled

With Version 8.0 and later, this
attribute is not required.

WebVPN-Citrix-Support-Enable

Y

Y

Integer

Single

0 = Disabled
1 = Enabled

With Versions 8.0 and later, this
attribute is not required.

WebVPN-Enable-functions

Integer

Single

Not used - deprecated

WebVPN-Exchange-Server-
Address

String

Single

Not used - deprecated

WebVPN-Exchange-Server-
NETBIOS-Name

String

Single

Not used - deprecated

WebVPN-File-Access-Enable

Y

Y

Integer

Single

0 = Disabled
1 = Enabled

WebVPN-File-Server-Browsing-
Enable

Y

Y

Integer

Single

0 = Disabled
1 = Enabled

WebVPN-File-Server-Entry-
Enable

Y

Y

Integer

Single

0 = Disabled
1 = Enabled

WebVPN-Forwarded-Ports

Y

String

Single

Port-forward list name

WebVPN-Homepage

Y

Y

String

Single

A URL such as
http://www.example.com

Table C-2

ASA Supported Cisco Attributes for LDAP Authorization (continued)

Attribute Name

VPN 3000

ASA

PIX

Syntax/
Type

Single or
Multi-Valued

Possible Values