Cisco ASA Series Cli Configuration Manual page 2155

Appendix 1 Configuring an External Server for Authorization and Authentication
Table 1-7 ASA Supported RADIUS Attributes and Values (continued)
Attribute Name
L2TP-MPPC-Compression
Member-Of
MS-Client-Subnet-Mask
NAC-Default-ACL
NAC-Enable
NAC-Revalidation-Timer
NAC-Settings
NAC-Status-Query-Timer
Perfect-Forward-Secrecy-Enable
PPTP-Encryption
PPTP-MPPC-Compression
Primary-DNS
Primary-WINS
Privilege-Level
Required-Client- Firewall-Vendor-Code
Required-Client-Firewall-Description
Single
or
Attr. Syntax/ Multi-
ASA No. Type Valued Description or Value
38 Integer Single
Y 145 String Single
Y 63 Boolean Single
92 String
89 Integer Single
91 Integer Single
Y 141 String Single
90 Integer Single
Y 88 Boolean Single
20 Integer Single
37 Integer Single
Y 5 String Single
Y 7 String Single
Y 220 Integer Single
Y 45 Integer Single
Y 47 String Single
Configuring an External RADIUS Server
0 = Disabled
1 = Enabled
Comma-delimited string, for example:
Engineering, Sales
An administrative attribute that can be used
in dynamic access policies. It does not set a
group policy.
An IP address
ACL
0 = No
1 = Yes
300 - 86400 seconds
Name of the NAC policy
30 - 1800 seconds
0 = No
1 = Yes
Bitmap:
1 = Encryption required
2 = 40 bits
4 = 128 bits
8 = Stateless-Required
15= 40/128-Encr/Stateless-Req
0 = Disabled
1 = Enabled
An IP address
An IP address
An integer between 0 and 15.
1 = Cisco Systems (with Cisco Integrated
Client)
2 = Zone Labs
3 = NetworkICE
4 = Sygate
5 = Cisco Systems (with Cisco Intrusion
Prevention Security Agent)
String
Cisco ASA Series CLI Configuration Guide
1-31