Filter
Top Products
6-31
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 6 Managing Policy Objects
Understanding AAA Server and Server Group Objects
Note You cannot edit the protocol if the object is already included in a AAA server group.
Navigation Path
Select Manage > Policy Objects, then select AAA Servers from the Object Type Selector. Right-click
inside the work area and select New Object or right-click a row and select Edit Object.
Related Topics
• Creating AAA Server Objects, page 6-29
• Understanding AAA Server and Server Group Objects, page 6-24
• Policy Object Manager, page 6-4
Field Reference
Table 6-7 AAA Server Dialog Box—General Settings
Element Description
Name The object name, which can be up to 128 characters. Object names are
not case-sensitive. For more information, see Creating Policy Objects,
page 6-9.
Description An optional description of the object.
Host The address of the AAA server to which authentication requests will be
sent. Specify one of the following:
• IP Address—The IP address of the AAA server. You can also enter
the name of a network/host object that contains the host IP address,
or click Select to select the object.
• DNS Name (for PIX/ASA 7.2+ devices only)—The DNS hostname
of the AAA server, up to 128 characters. The hostname can contain
alphanumeric characters and hyphens, but each element of the
hostname must begin and end with an alphanumeric character.
Interface The interface whose IP address should be used for all outgoing
RADIUS or TACACS packets (known as the source interface). Enter
the name of an interface or interface role, or click Select to select it
from a list or to create a new interface role.
Tips
• If you enter the name of an interface, make sure the policy that uses
this AAA object is assigned to a device containing an interface
with this name.
• If you enter the name of an interface role, make sure the role
represents a single interface, not multiple interfaces.
• Only one source interface can be defined for the AAA servers in a
AAA server group. An error is displayed when you submit your
changes if different AAA servers in the group use different source
interfaces. See Creating AAA Server Group Objects, page 6-45.
• You cannot specify an interface name for a AAA server used on an
IPS device.