1-16
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring AAA Servers and the Local Database
Configuring AAA
Step 4
reactivation-mode
{
depletion
[
deadtime
minutes
] |
timed
}
Example:
hostname(config-aaa-server-group)#
reactivation-mode deadtime 20
Specifies the method (reactivation policy) by which
failed servers in a group are reactivated.
The
depletion
keyword reactivates failed servers only
after all of the servers in the group are inactive.
The
deadtime
minutes
keyword-argument pair specifies
the amount of time in minutes, between 0 and 1440, that
elapses between the disabling of the last server in the
group and the subsequent reenabling of all servers. The
default is 10 minutes.
The
timed
keyword reactivates failed servers after 30
seconds of down time.
Step 5
accounting-mode simultaneous
Example:
hostname(config-aaa-server-group)#
accounting-mode simultaneous
Sends accounting messages to all servers in the group
(RADIUS or only).
To restore the default of sending messages only to the
active server, enter the
accounting-mode single
command.
Step 6
aaa-server
server_group
[
interface_name
]
host
server_ip
Example:
hostname(config)#
aaa-server servergroup1 outside
host 10.10.1.1
Identifies the server and the AAA server group to which
it belongs.
When you enter the
aaa-server
host
command, you enter
aaa-server host configuration mode. As needed, use host
configuration mode commands to further configure the
AAA server.
The commands in host configuration mode do not apply
to all AAA server types.
lists the available
commands, the server types to which they apply, and
whether or not a new AAA server definition has a default
value for that command. Where a command is applicable
to the specified server type and no default value is
provided (indicated by “—”), use the command to
specify the value.
Table 1-2
Host Mode Commands, Server Types, and Defaults
Command
Applicable AAA Server
Types
Default Value Description
accounting-port
RADIUS
1646
acl-netmask-convert
RADIUS
standard
authentication-port
RADIUS
1645
kerberos-realm
Kerberos
—
key
RADIUS
—
—
ldap-attribute-map
LDAP
—
ldap-base-dn
LDAP
—
ldap-login-dn
LDAP
—
Command
Purpose
Summary of Contents for 5505 - ASA Firewall Edition Bundle
Page 28: ...Glossary GL 24 Cisco ASA Series CLI Configuration Guide ...
Page 61: ...P A R T 1 Getting Started with the ASA ...
Page 62: ......
Page 219: ...P A R T 2 Configuring High Availability and Scalability ...
Page 220: ......
Page 403: ...P A R T 2 Configuring Interfaces ...
Page 404: ......
Page 499: ...P A R T 2 Configuring Basic Settings ...
Page 500: ......
Page 533: ...P A R T 2 Configuring Objects and Access Lists ...
Page 534: ......
Page 601: ...P A R T 2 Configuring IP Routing ...
Page 602: ......
Page 745: ...P A R T 2 Configuring Network Address Translation ...
Page 746: ......
Page 845: ...P A R T 2 Configuring AAA Servers and the Local Database ...
Page 846: ......
Page 981: ...P A R T 2 Configuring Access Control ...
Page 982: ......
Page 1061: ...P A R T 2 Configuring Service Policies Using the Modular Policy Framework ...
Page 1062: ......
Page 1093: ...P A R T 2 Configuring Application Inspection ...
Page 1094: ......
Page 1191: ...P A R T 2 Configuring Unified Communications ...
Page 1192: ......
Page 1333: ...P A R T 2 Configuring Connection Settings and QoS ...
Page 1334: ......
Page 1379: ...P A R T 2 Configuring Advanced Network Protection ...
Page 1380: ......
Page 1475: ...P A R T 2 Configuring Modules ...
Page 1476: ......
Page 1549: ...P A R T 2 Configuring VPN ...
Page 1550: ......
Page 1965: ...P A R T 2 Configuring Logging SNMP and Smart Call Home ...
Page 1966: ......
Page 2059: ...P A R T 2 System Administration ...
Page 2060: ......
Page 2098: ...1 8 Cisco ASA Series CLI Configuration Guide Chapter 1 Troubleshooting Viewing the Coredump ...
Page 2099: ...P A R T 2 Reference ...
Page 2100: ......