Licensing requirements for aaa servers, Guidelines and limitations, Configuring aaa – Cisco ASA 5505 User Manual

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 35 Configuring AAA Servers and the Local Database

Uses the username value of the certificate primary DN field as a credential

Note: If the primary DN field is not present in the certificate, the ASA uses the secondary DN field value as the username for the authorization request.

For example, consider a user certificate that includes the following Subject DN fields and values:

Cn=anyuser,OU=sales;O=XYZCorporation;L=boston;S=mass;C=us;[email protected]

If the Primary DN = EA (E-mail Address) and the Secondary DN = CN (Common Name), then the
username used in the authorization request would be [email protected].
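
The primary/secondary selection described above, as an added Python example (not Cisco's code and not part of the original guide). The e-mail value is a constructed sample because it is redacted in the page's DN, the function names are hypothetical, and returning no username when neither field is present is an assumption, since the page does not say what the ASA does in that case.

```python
import re


def parse_subject_dn(dn):
    """Split a Subject DN string into {ATTR: value}, attribute names upper-cased.

    Accepts both ',' and ';' as separators, since the page's example mixes
    them. A separator escaped with a backslash stays inside the value.
    """
    fields = {}
    for part in re.split(r"(?<!\\)[,;]", dn):
        if "=" not in part:
            continue  # skip empty or malformed components
        attr, value = part.split("=", 1)
        attr, value = attr.strip().upper(), value.strip()
        # Assumption: the first occurrence of a repeated attribute wins.
        if attr and value and attr not in fields:
            fields[attr] = value
    return fields


def username_for_authorization(dn, primary, secondary=None):
    """Return (username, source) where source is 'primary' or 'secondary'.

    Models the rule on the page: use the primary DN field, and fall back to
    the secondary DN field only when the primary is not in the certificate.
    Returns (None, None) when neither is present (assumption, see lead-in).
    """
    fields = parse_subject_dn(dn)
    for source, attr in (("primary", primary), ("secondary", secondary)):
        if attr and attr.upper() in fields:
            return fields[attr.upper()], source
    return None, None


# Constructed samples modelled on the page's Subject DN. The EA value is a
# placeholder, not the value from the original guide.
SAMPLE_DN = ("Cn=anyuser,OU=sales;O=XYZCorporation;L=boston;S=mass;C=us;"
             "ea=anyuser@example.test")
SAMPLE_DN_NO_EA = "Cn=anyuser,OU=sales;O=XYZCorporation;L=boston;S=mass;C=us"

if __name__ == "__main__":
    # Primary DN = EA, Secondary DN = CN, as in the page's example.
    for dn in (SAMPLE_DN, SAMPLE_DN_NO_EA):
        print(username_for_authorization(dn, "EA", "CN"))
```

Logging the `source` value next to the username makes it visible when a certificate without the primary field was authorized under its secondary field instead.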

Licensing Requirements for AAA Servers

Model        License Requirement
All models   Base License.

Guidelines and Limitations

This section includes the guidelines and limitations for this feature.

Context Mode Guidelines

Supported in single and multiple context mode.

Firewall Mode Guidelines

Supported in routed and transparent firewall mode.

IPv6 Guidelines

Supports IPv6.

Additional Guidelines

The username command has two versions: one for 8.4(3) and earlier and one for 8.4(4.1) and later. See the command reference for more information.

Configuring AAA

This section includes the following topics:

Configuring AAA Server Groups

Configuring Authorization with LDAP for VPN

Configuring LDAP Attribute Maps

Adding a User Account to the Local Database