user manual
14-3
Cisco ASDM User Guide
OL-16647-01
Chapter 14 Configuring AAA Servers and the Local Database
AAA Server and Local Database Support
AAA Server and Local Database Support
The security appliance supports a variety of AAA server types and a local database that is stored on the
security appliance. This section describes support for each AAA server type and the local database.
This section contains the following topics:
• Summary of Support, page 14-3
• RADIUS Server Support, page 14-4
• TACACS+ Server Support, page 14-4
• SDI Server Support, page 14-5
• NT Server Support, page 14-5
• Kerberos Server Support, page 14-5
• LDAP Server Support, page 14-6
• SSO Support for WebVPN with HTTP Forms, page 14-7
• Local Database Support, page 14-8
Summary of Support
Table 14-1 summarizes the support for each AAA service by each AAA server type, including the local
database. For more information about support for a specific AAA server type, refer to the topics
following the table.
Table 14-1 Summary of AAA Support
AAA Service
Database Type
Local RADIUS TACACS+ SDI NT Kerberos LDAP
HTTP
Form
Authentication of...
VP N us ers Yes Yes Yes Yes Yes Yes Yes Yes
1
1. HTTP Form protocol supports single sign-on authentication for WebVPN users only.
Fi rewal l s ess ion s Yes Yes Yes Yes Yes Yes Yes No
Administrators Yes Yes Yes Yes
2
2. SDI is not supported for HTTP administrative access.
Yes Yes Yes No
Authorization of...
VPN users Yes Yes No No No No Yes No
Firewall sessions No Yes
3
3. For firewall sessions, RADIUS authorization is supported with user-specific access lists only, which are received or
specified in a RADIUS authentication response.
Yes NoNoNo NoNo
Administrators Yes
4
No Yes NoNoNo NoNo
Accounting of...
VPN connections No Yes Yes No No No No No
Firewall sessionsNoYes Yes NoNoNo NoNo
Administrators No Yes
5
Yes NoNoNo NoNo