RADIUS servers provide AAA (authentication, authorization, and accounting) services.
Use the following procedure to create an object:
Procedure
Step 1 | In the CDO navigation bar on the left, click Objects > ASA
Objects. |
Step 2 | Click Create Object ( ). |
Step 3 | Enter an Object name for the object. |
Step 4 | Select the Device Type as ASA. |
Step 5 | Select RADIUS Server as the Identity Source Type. Click Continue. |
Step 6 | Edit the Identity Source configuration with the following properties:
-
Server Name or IP Address - The fully-qualified host name (FQDN) or IP address of the server.
-
Authentication Port (Optional) - The port on which RADIUS authentication and authorization are performed. The default is 1812.
-
Timeout - The length of time, 1-300 seconds, that the system waits for a response from the server before sending the request to the next server. The default is 10 seconds.
-
Enter the Server Secret Key(Optional) - The shared secret that is used to encrypt data between the ASA device and the RADIUS server. The key is a case-sensitive, alphanumeric string of up to 64 characters, with no spaces. The key must start with an alphanumeric character or an underscore, and it can contain the special characters: $ & - _ . + @. The string must match the one configured on the RADIUS server. If you do not configure a secret key, the connection is not encrypted.
|
Step 7 | Click Add. |
Step 8 | Review and deploy now the changes you made, or wait and deploy multiple changes at once. |