Cisco ASDM User Guide

Step 1 To enable management authorization, go to Configuration > Device Management > Users/AAA > AAA
Access > Authorization, and check the Perform authorization for exec shell access > Enable check box.
This option also enables support of administrative user privilege levels from RADIUS, which can be used in conjunction with local command privilege levels for command authorization. See the “Configuring Local Command Authorization” section on page 16-25 for more information.
Step 2 To configure the user for management authorization, see the following requirements for each AAA server type or local user:
• RADIUS or LDAP (mapped) users—Configure the Service-Type attribute for one of the following values.
• RADIUS or LDAP (mapped) users—Use the IETF RADIUS numeric Service-Type attribute which maps to one of the following values.
– Service-Type 6 (admin)—Allows full access to any services specified by the Authentication tab options
– Service-Type 7 (nas-prompt)—Allows access to the CLI when you configure the Telnet or SSH authentication options, but denies ASDM configuration access if you configure the HTTP option. ASDM monitoring access is allowed. If you configure enable authentication with the Enable option, the user cannot access privileged EXEC mode using the enable command.
– Service-Type 5 (remote-access)—Denies management access. The user cannot use any services specified by the Authentication tab options (excluding the Serial option; serial access is allowed). Remote-access (IPSec and SSL) users can still authenticate and terminate their remote-access sessions.
• TACACS+ users—Authorization is requested with the “service=shell” and the server responds with PASS or FAIL.
– PASS, privilege level 1—Allows full access to any services specified by the Authentication tab options.
– PASS, privilege level 2 and higher—Allows access to the CLI when you configure the Telnet or SSH authentication options, but denies ASDM configuration access if you configure the HTTP option. ASDM monitoring access is allowed. If you configure enable authentication with the Enable option, the user cannot access privileged EXEC mode using the enable command.
– FAIL—Denies management access. The user cannot use any services specified by the Authentication tab options (excluding the Serial option; serial access is allowed).

Preface
Related Documentation
Document Conventions
Obtaining Documentation and Submitting a Service Request
PART 1 Getting Started
CHAPTER 1 Welcome to ASDM
ASDM Client Operating System and Browser Requirements
VPN Specifications
Supported Platforms and SSMs
New ASDM Features
Multiple ASDM Session Support
Unsupported Commands
Ignored and View-Only Commands
Effects of Unsupported Commands
Discontinuous Subnet Masks Not Supported
Interactive User Commands Not Supported by the ASDM CLI Tool
About the ASDM Interface
Menus
File Menu
View Menu
Tools Menu
Wizards Menu
Window Menu
Help Menu
Toolbar
ASDM Assistant
Status Bar
Connection to Device
Device List
Common Buttons
Keyboard Shortcuts

Si le lien ne fonctionne pas correctement, veuillez nous contacter (mentionner le lien dans votre message)
Cisco ASDM User Guide (13,5 MO) (Cours PDF)
Cisco ASDM User Guide

Télécharger aussi :

Laisser un commentaire

Votre adresse e-mail ne sera pas publiée. Les champs obligatoires sont indiqués avec *