Summary Of Support; Radius Server Support - Cisco FirePOWER ASA 5500 series Configuration Manual

Chapter 13 Configuring AAA Servers and the Local Database
•
•
•
•
•
•
•
•

Summary of Support

Table 13-1
database. For more information about support for a specific AAA server type, refer to the topics
following the table.
Table 13-1
AAA Service
Authentication of...
VPN users
Firewall sessions
Administrators
Authorization of...
VPN users
Firewall sessions
Administrators
Accounting of...
VPN connections
Firewall sessions
Administrators
1. HTTP Form protocol supports single sign-on authentication for WebVPN users only.
2. SDI is not supported for HTTP administrative access.
3. For firewall sessions, RADIUS authorization is supported with user-specific access lists only, which are received or
4. Local command authorization is supported by privilege level only.
5. Command accounting is available for TACACS+ only.

RADIUS Server Support

The security appliance supports RADIUS servers.
OL-10088-01
RADIUS Server Support, page 13-3
TACACS+ Server Support, page 13-4
SDI Server Support, page 13-4
NT Server Support, page 13-5
Kerberos Server Support, page 13-5
LDAP Server Support, page 13-6
SSO Support for WebVPN with HTTP Forms, page 13-9
Local Database Support, page 13-9
summarizes the support for each AAA service by each AAA server type, including the local
Summary of AAA Support
Database Type
Local
Yes
Yes
Yes
Yes
No
4
Yes
No
No
No
specified in a RADIUS authentication response.
RADIUS TACACS+ SDI
Yes Yes Yes
Yes Yes Yes
Yes Yes Yes
Yes No No
3
Yes Yes No
No Yes No
Yes Yes No
Yes Yes No
5
Yes Yes No
Cisco Security Appliance Command Line Configuration Guide
AAA Server and Local Database Support
NT Kerberos LDAP
Yes Yes Yes
Yes Yes Yes
2
Yes Yes Yes
No No Yes
No No No
No No No
No No No
No No No
No No No
HTTP
Form
1
Yes
No
No
No
No
No
No
No
No
13-3