Instruction d'utilisation Cisco Systems OL-12180-01

Instruction d'utilisation pour le dispositif Cisco Systems OL-12180-01

Dispositif: Cisco Systems OL-12180-01
Catégorie: Serveur
Fabricant: Cisco Systems
Dimension: 0.41 MB
Date d'addition: 6/4/2013
Nombre des pages: 24
Imprimez l'instruction

Téléchargez

Comment utiliser?

Notre objectif consiste à vous assurer le plus rapide accès au contenu de l'instruction d'utilisation du dispositif Cisco Systems OL-12180-01. En utilisant l'aperçu en ligne vous pouvez parcourir le sommaire et passer à la page où vous trouverez la résolution de votre problème avec Cisco Systems OL-12180-01.

Pour votre confort

Si regarder l'instruction Cisco Systems OL-12180-01 directement sur la page n'est pas confortable pour vous, vous pouvez profiter de deux solutions possibles:

  • Exploration au mode de plein écran - pour analyser l'instruction d'une manière commode (sans l'avoir téléchargée sur votre ordinateur) vous pouvez utiliser le mode d'exploration en plein écran. Pour démarrer l'exploration de l'instruction Cisco Systems OL-12180-01 en plein écran, utilisez le bouton Plein écran.
  • Téléchargement sur l'ordinateur - vous pouvez aussi télécharger l'instruction Cisco Systems OL-12180-01 sur votre ordinateur et la sauvegarder dans vos ressources. Si vous n'avez pas envie de gaspiller votre espace disque, vous pouvez toujours télécharger cette instruction du ManualsBase dans l'avenir.
Cisco Systems OL-12180-01 Manuel d'utilisation - Online PDF
Advertisement
« Page 1 of 24 »
Advertisement
Version imprimée

Beaucoup de gens préfèrent de lire les documents dans la version imprimée et non pas sur l'écran. L'option d'impression de l'instruction est aussi prévue et vous pouvez en profiter en cliquant le lien ci-dessus - Imprimez l'instruction. Il n'est pas nécessaire d'imprimer toute l'instruction Cisco Systems OL-12180-01 - on peut choisir des pages. Economisez le papier.

Résumés

Vous trouverez ci-dessous les annonces des contenus qui se trouvent sur les pages suivantes de l'instruction de Cisco Systems OL-12180-01. Si vous voulez parcourir rapidement le contenu des pages suivantes de l'instruction, vous pouvez en profiter.

Résumés du contenu
Résumé du contenu de la page N° 1

CHAPTER12
Configuring AAA Servers and User Accounts
This chapter describes support for AAA (pronounced “triple A”) and how to configure AAA servers and
the local database.
This chapter contains the following sections:
• AAA Overview, page 12-1
• AAA Server and Local Database Support, page 12-2
• Configuring the Local Database, page 12-7
• Identifying AAA Server Groups and Servers, page 12-12
• Configuring an Authentication Prompt, page 12-20
• Configuring an LDAP Attribute Map, page 12-21
AAA Ov

Résumé du contenu de la page N° 2

Chapter 12 Configuring AAA Servers and User Accounts AAA Server and Local Database Support • All administrative connections to the security appliance including the following sessions: – Telnet – SSH – Serial console – ASDM (using HTTPS) – VPN management access • The enable command • Network access • VPN access About Authorization Authorization controls access per user after users authenticate. You can configure the security appliance to authorize the following items: • Management commands

Résumé du contenu de la page N° 3

Chapter 12 Configuring AAA Servers and User Accounts AAA Server and Local Database Support • RADIUS Server Support, page 12-3 • TACACS+ Server Support, page 12-4 • SDI Server Support, page 12-4 • NT Server Support, page 12-5 • Kerberos Server Support, page 12-5 • LDAP Server Support, page 12-5 • SSO Support for Clientless SSL VPN with HTTP Forms, page 12-6 • Local Database Support, page 12-6 Summary of Support Table 12-1 summarizes the support for each AAA service by each AAA server type,

Résumé du contenu de la page N° 4

Chapter 12 Configuring AAA Servers and User Accounts AAA Server and Local Database Support This section contains the following topics: • Authentication Methods, page 12-4 • Attribute Support, page 12-4 • RADIUS Authorization Functions, page 12-4 Authentication Methods The security appliance supports the following authentication methods with RADIUS: • PAP—For all connection types. • CHAP—For L2TP-over-IPSec. • MS-CHAPv1—For L2TP-over-IPSec. • MS-CHAPv2—For L2TP-over-IPSec, and for regular

Résumé du contenu de la page N° 5

Chapter 12 Configuring AAA Servers and User Accounts AAA Server and Local Database Support • Two-step Authentication Process, page 12-5 • SDI Primary and Replica Servers, page 12-5 SDI Version Support The security appliance supports SDI Version 5.0 and 6.0. SDI uses the concepts of an SDI primary and SDI replica servers. Each primary and its replicas share a single node secret file. The node secret file has its name based on the hexadecimal value of the ACE/Server IP address with .sdi app

Résumé du contenu de la page N° 6

Chapter 12 Configuring AAA Servers and User Accounts AAA Server and Local Database Support LDAP Server Support This section describes using an LDAP directory with the security appliance for user authentication and VPN authorization. During authentication, the security appliance acts as a client proxy to the LDAP server for the user, and authenticates to the LDAP server in either plain text or using the Simple Authentication and Security Layer (SASL) protocol. By default, the security appl

Résumé du contenu de la page N° 7

Chapter 12 Configuring AAA Servers and User Accounts Configuring the Local Database User Profiles User profiles contain, at a minimum, a username. Typically, a password is assigned to each username, although passwords are optional. You can add other information to a specific user profile. The information you can add includes VPN-related attributes, such as a VPN session timeout value. Fallback Support The local database can act as a fallback method for several functions. This behavior is

Résumé du contenu de la page N° 8

Chapter 12 Configuring AAA Servers and User Accounts Configuring the Local Database User Accounts The User Accounts pane lets you manage the local user database. The local database is used for the following features: • ASDM per-user access By default, you can log into ASDM with a blank username and the enable password (see Device Name/Password, page 10-12). However, if you enter a username and password at the login screen (instead of leaving the username blank), ASDM checks the local data

Résumé du contenu de la page N° 9

Chapter 12 Configuring AAA Servers and User Accounts Configuring the Local Database • VPN Group Lock—Specifies what, if any, group lock policy is in effect for this user. Not available in multimode. • Add—Displays the Add User Account dialog box. • Edit—Displays the Edit User Account dialog box. • Delete—Removes the selected row from the table. There is no confirmation or undo. Modes The following table shows the modes in which this feature is available: Firewall Mode Security Context Mul

Résumé du contenu de la page N° 10

Chapter 12 Configuring AAA Servers and User Accounts Configuring the Local Database Privilege Level—Selects the privilege level for this user to use with local command authorization. The range is 0 (lowest) to 15 (highest). See the “Configuring Local Command Authorization” section on page 13-31 for more information. – CLI login prompt for SSH, Telnet and console (no ASDM access)—If you configure authentication for management access using the local database (see the “Configuring Authentica

Résumé du contenu de la page N° 11

Chapter 12 Configuring AAA Servers and User Accounts Configuring the Local Database L2TP over IPSec—Allows remote users with VPN clients provided with several common PC and mobile PC operating systems to establish secure connections over the public IP network to the security appliance and private corporate networks. Note If no protocol is selected, an error message appears. • Filter—Specifies what filter to use, or whether to inherit the value from the group policy. Filters consist of rul

Résumé du contenu de la page N° 12

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers – Subnet Mask list—Specifies the subnet mask for the Dedicated IP address. Check the Group Lock check box to restrict users to remote access through this group only. Group Lock restricts users by checking if the group configured in the VPN client is the same as the user’s assigned group. If it is not, the VPN Concentrator prevents the user from connecting. If this box is unchecked (the default),

Résumé du contenu de la page N° 13

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers If AAA accounting is in effect, the accounting information goes only to the active server, unless you have configured simultaneous accounting. For an overview of AAA services, see the “AAA Overview” section on page 12-1. Fields The fields in the AAA Server Groups pane are grouped into two main areas: the AAA Server Groups area and the Servers In The Selected Group area. The AAA Server Groups are

Résumé du contenu de la page N° 14

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers • Delete—Removes the selected AAA server from the list. • Move up—Moves the selected AAA server up in the AAA sequence. • Move down—Moves the selected AAA server back in the AAA sequence. • Test—Displays the Test AAA Server dialog box. Modes The following table shows the modes in which this feature is available: Firewall Mode Security Context Multiple Routed Transparent Single Context System 1 •

Résumé du contenu de la page N° 15

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers Modes The following table shows the modes in which this feature is available: Firewall Mode Security Context Multiple Routed Transparent Single Context System 1 •• •• — 1. HTTP Form and Clientless SSL VPN are supported only in single routed mode. Edit AAA Local Server Group The Edit AAA Local Server Group dialog box lets you specify whether to enable local user lockout and the maximum number of

Résumé du contenu de la page N° 16

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers • Server Name or IP Address—Specifies the name or IP address of the AAA server. • Timeout—Specifies the timeout interval, in seconds. This is the time after which the security appliance gives up on the request to the primary AAA server. If there is a standby AAA server, the security appliance sends the request to the backup server. • RADIUS Parameters area—Specifies the parameters needed for usi

Résumé du contenu de la page N° 17

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers If you choose Detect Automatically, the security appliance attempts to determine the type of netmask expression used. If it detects a wildcard netmask expression, it converts it to a standard netmask expression; however, because some wildcard expressions are difficult to detect unambiguously, this setting may occasionally misinterpret a wildcard netmask expression as a standard netmask expressio

Résumé du contenu de la page N° 18

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers – Naming Attribute(s)—Specifies the Relative Distinguished Name attribute (or attributes) that uniquely identifies an entry on the LDAP server. Common naming attributes are Common Name (cn) and User ID (uid). – Login DN—Specifies the login DN. Some LDAP servers (including the Microsoft Active Directory server) require the security appliance to establish a handshake via authenticated binding befo

Résumé du contenu de la page N° 19

Chapter 12 Configuring AAA Servers and User Accounts Identifying AAA Server Groups and Servers – Start URL—Specifies the complete URL of the authenticating web server location where a pre-login cookie can be retrieved. This parameter must be configured only when the authenticating web server loads a pre-login cookie with the login page. A drop-down list offers both HTTP and HTTPS. The maximum number of characters is 1024, and there is no minimum. – Action URI—Specifies the complete Unifor

Résumé du contenu de la page N° 20

Chapter 12 Configuring AAA Servers and User Accounts Configuring an Authentication Prompt Tip Checking for basic network connectivity to the AAA server may save you time in troubleshooting. To test basic connectivity, click Tools > Ping. Fields • AAA Server Group—Display only. Shows the AAA server group that the selected AAA server belongs to. • Host —Display only. Shows the hostname of the AAA server you selected. • Authorization—Specifies that ASDM tests authorizing a user with the sele


Instructions pareilles
# Instruction d'utilisation Catégorie Téléchargez
1 Cisco Systems 6200 Manuel d'utilisation Serveur 0
2 Cisco Systems Be6000 Ucs C220m3 HdBE6KSTBDLPLSK9 Manuel d'utilisation Serveur 54
3 Cisco Systems 5.4 Manuel d'utilisation Serveur 0
4 Cisco Systems A03D1TBSATA Manuel d'utilisation Serveur 0
5 Cisco Systems 6 Manuel d'utilisation Serveur 0
6 Cisco Systems Cisco 1121 Secure Access Control System CSACS1121UPK9 Manuel d'utilisation Serveur 25
7 Cisco Systems Cisco Access Registrar 3.5 Manuel d'utilisation Serveur 0
8 Cisco Systems C24 M3 Manuel d'utilisation Serveur 0
9 Cisco Systems Cisco Network StorageC220 Manuel d'utilisation Serveur 1
10 Cisco Systems 3.3 Manuel d'utilisation Serveur 0
11 Cisco Systems Channelized T3 Trunk Card AS5800 Manuel d'utilisation Serveur 0
12 Cisco Systems Cisco Network StorageUCSRAID9266CV Manuel d'utilisation Serveur 0
13 Cisco Systems Cisco Network Storage9266CV-8i Manuel d'utilisation Serveur 0
14 Cisco Systems Cisco Network StorageUCSSP6C220E Manuel d'utilisation Serveur 0
15 Cisco Systems 4.2 Manuel d'utilisation Serveur 6
16 Edelbrock 1921 Manuel d'utilisation Serveur 0
17 Sony VAIO VGF-HS1 Manuel d'utilisation Serveur 11
18 Sony NAS-SV20DI Manuel d'utilisation Serveur 1
19 3Com 10031370-01 Manuel d'utilisation Serveur 1
20 3Com SuperStack 3 Manuel d'utilisation Serveur 9