Manual de instrucciones de Cisco Systems OL-12180-01

Manual de instrucciones del aparato Cisco Systems OL-12180-01

Aparato: Cisco Systems OL-12180-01
Categoría: Servidor
Fabricante: Cisco Systems
Tamaño: 0.41 MB
Fecha de añadido: 6/4/2013
Número de páginas: 24
Imprimir el manual

Descargar

¿Cómo se utiliza?

Nuestro propósito es proporcionarte el acceso más rápido posible a los contenidos incluidos en los manuales de instrucciones del aparato Cisco Systems OL-12180-01. Utilizando la vista previa online, puedes ver rápidamente el índice de contenidos y pasar a la página donde encontrarás la solución a tu problema con Cisco Systems OL-12180-01.

Para tu comodidad

Si ver los manuales de instrucción de Cisco Systems OL-12180-01 directamente en esta página no es cómodo para ti, puedes utilizar dos soluciones posibles:

  • Vista en pantalla completa – Para ver cómodamente los manuales de instrucciones (sin descargarlos en tu ordenador) puedes utilizar el modo de vista en pantalla completa. Para activar la vista del manual Cisco Systems OL-12180-01 en pantalla completa, utiliza el botón Pantalla completa
  • Descargar al ordenador – también puedes descargar el manual de instrucciones de Cisco Systems OL-12180-01 a tu ordenador y guardarlo en tu colección. Sin embargo, si no quieres ocupar espacio en tu dispositivo, siempre podrás descargarlo de ManualsBase.
Cisco Systems OL-12180-01 Manual de instrucciones - Online PDF
Advertisement
« Page 1 of 24 »
Advertisement
Versión impresa

Muchas personas prefieren no leer el documento en la pantalla, sino en versión impresa. La opción de impresión también está prevista y puedes utilizarla haciendo clic en el enlace más arriba - Imprimir el manual. No tienes que imprimir el manual completo de Cisco Systems OL-12180-01, solo las páginas que elijas. Ahorra papel.

Resúmenes

A continuación encontrarás resúmenes de los contenidos incluidos en las páginas posteriores del manual de instrucciones para Cisco Systems OL-12180-01. Puedes utilizarlos si quieres ver rápidamente el contenido que se encuentra en la siguientes páginas del manual.

Resúmenes de contenidos
Resumen del contenido incluido en la página 1

CHAPTER12
Configuring AAA Servers and User Accounts
This chapter describes support for AAA (pronounced “triple A”) and how to configure AAA servers and
the local database.
This chapter contains the following sections:
• AAA Overview, page 12-1
• AAA Server and Local Database Support, page 12-2
• Configuring the Local Database, page 12-7
• Identifying AAA Server Groups and Servers, page 12-12
• Configuring an Authentication Prompt, page 12-20
• Configuring an LDAP Attribute Map, page 12-21
AAA Ov

Resumen del contenido incluido en la página 2

Chapter 12 Configuring AAA Servers and User Accounts AAA Server and Local Database Support • All administrative connections to the security appliance including the following sessions: – Telnet – SSH – Serial console – ASDM (using HTTPS) – VPN management access • The enable command • Network access • VPN access About Authorization Authorization controls access per user after users authenticate. You can configure the security appliance to authorize the following items: • Management commands

Resumen del contenido incluido en la página 3

Chapter 12 Configuring AAA Servers and User Accounts AAA Server and Local Database Support • RADIUS Server Support, page 12-3 • TACACS+ Server Support, page 12-4 • SDI Server Support, page 12-4 • NT Server Support, page 12-5 • Kerberos Server Support, page 12-5 • LDAP Server Support, page 12-5 • SSO Support for Clientless SSL VPN with HTTP Forms, page 12-6 • Local Database Support, page 12-6 Summary of Support Table 12-1 summarizes the support for each AAA service by each AAA server type,

Resumen del contenido incluido en la página 4

Chapter 12 Configuring AAA Servers and User Accounts AAA Server and Local Database Support This section contains the following topics: • Authentication Methods, page 12-4 • Attribute Support, page 12-4 • RADIUS Authorization Functions, page 12-4 Authentication Methods The security appliance supports the following authentication methods with RADIUS: • PAP—For all connection types. • CHAP—For L2TP-over-IPSec. • MS-CHAPv1—For L2TP-over-IPSec. • MS-CHAPv2—For L2TP-over-IPSec, and for regular

Resumen del contenido incluido en la página 5

Chapter 12 Configuring AAA Servers and User Accounts AAA Server and Local Database Support • Two-step Authentication Process, page 12-5 • SDI Primary and Replica Servers, page 12-5 SDI Version Support The security appliance supports SDI Version 5.0 and 6.0. SDI uses the concepts of an SDI primary and SDI replica servers. Each primary and its replicas share a single node secret file. The node secret file has its name based on the hexadecimal value of the ACE/Server IP address with .sdi app

Resumen del contenido incluido en la página 6

Chapter 12 Configuring AAA Servers and User Accounts AAA Server and Local Database Support LDAP Server Support This section describes using an LDAP directory with the security appliance for user authentication and VPN authorization. During authentication, the security appliance acts as a client proxy to the LDAP server for the user, and authenticates to the LDAP server in either plain text or using the Simple Authentication and Security Layer (SASL) protocol. By default, the security appl

Resumen del contenido incluido en la página 7

Chapter 12 Configuring AAA Servers and User Accounts Configuring the Local Database User Profiles User profiles contain, at a minimum, a username. Typically, a password is assigned to each username, although passwords are optional. You can add other information to a specific user profile. The information you can add includes VPN-related attributes, such as a VPN session timeout value. Fallback Support The local database can act as a fallback method for several functions. This behavior is

Resumen del contenido incluido en la página 8

Chapter 12 Configuring AAA Servers and User Accounts Configuring the Local Database User Accounts The User Accounts pane lets you manage the local user database. The local database is used for the following features: • ASDM per-user access By default, you can log into ASDM with a blank username and the enable password (see Device Name/Password, page 10-12). However, if you enter a username and password at the login screen (instead of leaving the username blank), ASDM checks the local data

Resumen del contenido incluido en la página 9

Chapter 12 Configuring AAA Servers and User Accounts Configuring the Local Database • VPN Group Lock—Specifies what, if any, group lock policy is in effect for this user. Not available in multimode. • Add—Displays the Add User Account dialog box. • Edit—Displays the Edit User Account dialog box. • Delete—Removes the selected row from the table. There is no confirmation or undo. Modes The following table shows the modes in which this feature is available: Firewall Mode Security Context Mul

Resumen del contenido incluido en la página 10

Chapter 12 Configuring AAA Servers and User Accounts Configuring the Local Database Privilege Level—Selects the privilege level for this user to use with local command authorization. The range is 0 (lowest) to 15 (highest). See the “Configuring Local Command Authorization” section on page 13-31 for more information. – CLI login prompt for SSH, Telnet and console (no ASDM access)—If you configure authentication for management access using the local database (see the “Configuring Authentica

Resumen del contenido incluido en la página 11

Chapter 12 Configuring AAA Servers and User Accounts Configuring the Local Database L2TP over IPSec—Allows remote users with VPN clients provided with several common PC and mobile PC operating systems to establish secure connections over the public IP network to the security appliance and private corporate networks. Note If no protocol is selected, an error message appears. • Filter—Specifies what filter to use, or whether to inherit the value from the group policy. Filters consist of rul

Resumen del contenido incluido en la página 12

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers – Subnet Mask list—Specifies the subnet mask for the Dedicated IP address. Check the Group Lock check box to restrict users to remote access through this group only. Group Lock restricts users by checking if the group configured in the VPN client is the same as the user’s assigned group. If it is not, the VPN Concentrator prevents the user from connecting. If this box is unchecked (the default),

Resumen del contenido incluido en la página 13

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers If AAA accounting is in effect, the accounting information goes only to the active server, unless you have configured simultaneous accounting. For an overview of AAA services, see the “AAA Overview” section on page 12-1. Fields The fields in the AAA Server Groups pane are grouped into two main areas: the AAA Server Groups area and the Servers In The Selected Group area. The AAA Server Groups are

Resumen del contenido incluido en la página 14

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers • Delete—Removes the selected AAA server from the list. • Move up—Moves the selected AAA server up in the AAA sequence. • Move down—Moves the selected AAA server back in the AAA sequence. • Test—Displays the Test AAA Server dialog box. Modes The following table shows the modes in which this feature is available: Firewall Mode Security Context Multiple Routed Transparent Single Context System 1 •

Resumen del contenido incluido en la página 15

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers Modes The following table shows the modes in which this feature is available: Firewall Mode Security Context Multiple Routed Transparent Single Context System 1 •• •• — 1. HTTP Form and Clientless SSL VPN are supported only in single routed mode. Edit AAA Local Server Group The Edit AAA Local Server Group dialog box lets you specify whether to enable local user lockout and the maximum number of

Resumen del contenido incluido en la página 16

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers • Server Name or IP Address—Specifies the name or IP address of the AAA server. • Timeout—Specifies the timeout interval, in seconds. This is the time after which the security appliance gives up on the request to the primary AAA server. If there is a standby AAA server, the security appliance sends the request to the backup server. • RADIUS Parameters area—Specifies the parameters needed for usi

Resumen del contenido incluido en la página 17

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers If you choose Detect Automatically, the security appliance attempts to determine the type of netmask expression used. If it detects a wildcard netmask expression, it converts it to a standard netmask expression; however, because some wildcard expressions are difficult to detect unambiguously, this setting may occasionally misinterpret a wildcard netmask expression as a standard netmask expressio

Resumen del contenido incluido en la página 18

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers – Naming Attribute(s)—Specifies the Relative Distinguished Name attribute (or attributes) that uniquely identifies an entry on the LDAP server. Common naming attributes are Common Name (cn) and User ID (uid). – Login DN—Specifies the login DN. Some LDAP servers (including the Microsoft Active Directory server) require the security appliance to establish a handshake via authenticated binding befo

Resumen del contenido incluido en la página 19

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers – Start URL—Specifies the complete URL of the authenticating web server location where a pre-login cookie can be retrieved. This parameter must be configured only when the authenticating web server loads a pre-login cookie with the login page. A drop-down list offers both HTTP and HTTPS. The maximum number of characters is 1024, and there is no minimum. – Action URI—Specifies the complete Unifor

Resumen del contenido incluido en la página 20

Chapter 12 Configuring AAA Servers and User Accounts Configuring an Authentication Prompt Tip Checking for basic network connectivity to the AAA server may save you time in troubleshooting. To test basic connectivity, click Tools > Ping. Fields • AAA Server Group—Display only. Shows the AAA server group that the selected AAA server belongs to. • Host —Display only. Shows the hostname of the AAA server you selected. • Authorization—Specifies that ASDM tests authorizing a user with the sele


Manuales de instrucciones similares
# Manual de instrucciones Categoría Descargar
1 Cisco Systems 6200 Manual de instrucciones Servidor 0
2 Cisco Systems Be6000 Ucs C220m3 HdBE6KSTBDLPLSK9 Manual de instrucciones Servidor 54
3 Cisco Systems 5.4 Manual de instrucciones Servidor 0
4 Cisco Systems A03D1TBSATA Manual de instrucciones Servidor 0
5 Cisco Systems 6 Manual de instrucciones Servidor 0
6 Cisco Systems Cisco 1121 Secure Access Control System CSACS1121UPK9 Manual de instrucciones Servidor 25
7 Cisco Systems Cisco Access Registrar 3.5 Manual de instrucciones Servidor 0
8 Cisco Systems C24 M3 Manual de instrucciones Servidor 0
9 Cisco Systems Cisco Network StorageC220 Manual de instrucciones Servidor 1
10 Cisco Systems 3.3 Manual de instrucciones Servidor 0
11 Cisco Systems Channelized T3 Trunk Card AS5800 Manual de instrucciones Servidor 0
12 Cisco Systems Cisco Network StorageUCSRAID9266CV Manual de instrucciones Servidor 0
13 Cisco Systems Cisco Network Storage9266CV-8i Manual de instrucciones Servidor 0
14 Cisco Systems Cisco Network StorageUCSSP6C220E Manual de instrucciones Servidor 0
15 Cisco Systems 4.2 Manual de instrucciones Servidor 6
16 Edelbrock 1921 Manual de instrucciones Servidor 0
17 Sony VAIO VGF-HS1 Manual de instrucciones Servidor 11
18 Sony NAS-SV20DI Manual de instrucciones Servidor 1
19 3Com 10031370-01 Manual de instrucciones Servidor 1
20 3Com SuperStack 3 Manual de instrucciones Servidor 9