Appendix E
Configuring an External Server for Authorization and Authentication
Table E-6
Security Appliance Supported RADIUS Attributes and Values (continued)
Attribute Name
IPSec-Allow-Passwd-Store
Use-Client-Address
PPTP-Encryption
L2TP-Encryption
IPSec-Split-Tunnel-List
IPSec-Default-Domain
IPSec-Split-DNS-Names
IPSec-Tunnel-Type
IPSec-Mode-Config
IPSec-User-Group-Lock
IPSec-Over-UDP
OL-12172-03
VPN
Attr.
3000 ASA PIX
#
Y
Y
Y
16
Y
17
Y
20
Y
21
Y
Y
Y
27
Y
Y
Y
28
Y
Y
Y
29
Y
Y
Y
30
Y
Y
Y
31
Y
33
Y
Y
Y
34
Cisco Security Appliance Command Line Configuration Guide
Configuring an External RADIUS Server
Single
or
Syntax/
Multi-
Type
Valued
Description or Value
Boolean Single
0 = Disabled
1 = Enabled
Boolean Single
0 = Disabled
1 = Enabled
Integer
Single
Bitmap:
1 = Encryption required
2 = 40 bits
4 = 128 bits
8 = Stateless-Required
15 =
40/128-Encr/Stateless-Req
Integer
Single
Bitmap:
1 = Encryption required
2 = 40 bit
4 = 128 bits
8 = Stateless-Req
15 =
40/128-Encr/Stateless-Req
String
Single
Specifies the name of the
network or access list that
describes the split tunnel
inclusion list
String
Single
Specifies the single default
domain name to send to the
client (1-255 characters)
String
Single
Specifies the list of secondary
domain names to send to the
client (1-255 characters)
Integer
Single
1 = LAN-to-LAN
2 = Remote access
Boolean Single
0 = Disabled
1 = Enabled
Boolean Single
0 = Disabled
1 = Enabled
Boolean Single
0 = Disabled
1 = Enabled
E-35