2 # Copyright (C) 2015 The FreeRADIUS Server project and contributors
4 # Cisco Adaptative Security Appliance (ASA) Dictionary
6 # http://www.cisco.com/en/US/docs/security/asa/asa90/configuration/guide/ref_extserver.html#wp1802187
13 BEGIN-VENDOR Cisco-ASA
15 ATTRIBUTE ASA-Simultaneous-Logins 2 integer
16 ATTRIBUTE ASA-Primary-DNS 5 ipaddr
17 ATTRIBUTE ASA-Secondary-DNS 6 ipaddr
18 ATTRIBUTE ASA-Primary-WINS 7 ipaddr
19 ATTRIBUTE ASA-Secondary-WINS 8 ipaddr
20 ATTRIBUTE ASA-SEP-Card-Assignment 9 integer
21 ATTRIBUTE ASA-Tunneling-Protocols 11 integer
22 ATTRIBUTE ASA-IPsec-Sec-Association 12 string
23 ATTRIBUTE ASA-IPsec-Authentication 13 integer
24 ATTRIBUTE ASA-Banner1 15 string
25 ATTRIBUTE ASA-IPsec-Allow-Passwd-Store 16 integer
26 ATTRIBUTE ASA-Use-Client-Address 17 integer
27 ATTRIBUTE ASA-PPTP-Encryption 20 integer
28 ATTRIBUTE ASA-L2TP-Encryption 21 integer
29 ATTRIBUTE ASA-Group-Policy 25 string
30 ATTRIBUTE ASA-IPsec-Split-Tunnel-List 27 string
31 ATTRIBUTE ASA-IPsec-Default-Domain 28 string
32 ATTRIBUTE ASA-IPsec-Split-DNS-Names 29 string
33 ATTRIBUTE ASA-IPsec-Tunnel-Type 30 integer
34 ATTRIBUTE ASA-IPsec-Mode-Config 31 integer
35 ATTRIBUTE ASA-IPsec-Over-UDP 34 integer
36 ATTRIBUTE ASA-IPsec-Over-UDP-Port 35 integer
37 ATTRIBUTE ASA-Banner2 36 string
38 ATTRIBUTE ASA-PPTP-MPPC-Compression 37 integer
39 ATTRIBUTE ASA-L2TP-MPPC-Compression 38 integer
40 ATTRIBUTE ASA-IPsec-IP-Compression 39 integer
41 ATTRIBUTE ASA-IPsec-IKE-Peer-ID-Check 40 integer
42 ATTRIBUTE ASA-IKE-Keep-Alives 41 integer
43 ATTRIBUTE ASA-IPsec-Auth-On-Rekey 42 integer
44 ATTRIBUTE ASA-Required-Client-Firewall-Vendor-Code 45 integer
45 ATTRIBUTE ASA-Required-Client-Firewall-Product-Code 46 integer
46 ATTRIBUTE ASA-Required-Client-Firewall-Description 47 string
47 ATTRIBUTE ASA-Require-HW-Client-Auth 48 integer
48 ATTRIBUTE ASA-Required-Individual-User-Auth 49 integer
49 ATTRIBUTE ASA-Authenticated-User-Idle-Timeout 50 integer
50 ATTRIBUTE ASA-Cisco-IP-Phone-Bypass 51 integer
51 ATTRIBUTE ASA-IPsec-Split-Tunneling-Policy 55 integer
52 ATTRIBUTE ASA-IPsec-Required-Client-Firewall-Capability 56 integer
53 ATTRIBUTE ASA-IPsec-Client-Firewall-Filter-Name 57 string
54 ATTRIBUTE ASA-IPsec-Client-Firewall-Filter-Optional 58 integer
55 ATTRIBUTE ASA-IPsec-Backup-Servers 59 integer
56 ATTRIBUTE ASA-IPsec-Backup-Server-List 60 string
57 ATTRIBUTE ASA-DHCP-Network-Scope 61 ipaddr
58 ATTRIBUTE ASA-Intercept-DHCP-Configure-Msg 62 integer
59 ATTRIBUTE ASA-MS-Client-Subnet-Mask 63 ipaddr
60 ATTRIBUTE ASA-Allow-Network-Extension-Mode 64 integer
61 ATTRIBUTE ASA-Authorization-Type 65 integer
62 ATTRIBUTE ASA-Authorization-Required 66 integer
63 ATTRIBUTE ASA-Authorization-DN-Field 67 string
64 ATTRIBUTE ASA-Authorization-DN-Field 67 string
65 ATTRIBUTE ASA-IKE-KeepAlive-Confidence-Interval 68 integer
66 ATTRIBUTE ASA-WebVPN-Content-Filter-Parameters 69 integer
67 ATTRIBUTE ASA-WebVPN-HTML-Filter 69 integer
68 ATTRIBUTE ASA-WebVPN-URL-List 71 string
69 ATTRIBUTE ASA-WebVPN-Port-Forwarding-List 72 string
70 ATTRIBUTE ASA-WebVPN-Access-List 73 string
71 ATTRIBUTE ASA-WebVPNACL 73 string
72 ATTRIBUTE ASA-WebVPN-HTTP-Proxy-IP-Address 74 string
73 ATTRIBUTE ASA-Cisco-LEAP-Bypass 75 integer
74 ATTRIBUTE ASA-WebVPN-Default-Homepage 76 string
75 ATTRIBUTE ASA-Client-Type-Version-Limiting 77 string
76 ATTRIBUTE ASA-WebVPN-Group-based-HTTP/HTTPS-Proxy-Exception-List 78 string
77 ATTRIBUTE ASA-WebVPN-Port-Forwarding-Name 79 string
78 ATTRIBUTE ASA-IE-Proxy-Server 80 string
79 ATTRIBUTE ASA-IE-Proxy-Server-Policy 81 integer
80 ATTRIBUTE ASA-IE-Proxy-Exception-List 82 string
81 ATTRIBUTE ASA-IE-Proxy-Bypass-Local 83 integer
82 ATTRIBUTE ASA-IKE-Keepalive-Retry-Interval 84 integer
83 ATTRIBUTE ASA-Tunnel-Group-Lock 85 string
84 ATTRIBUTE ASA-Access-List-Inbound 86 string
85 ATTRIBUTE ASA-Access-List-Outbound 87 string
86 ATTRIBUTE ASA-Perfect-Forward-Secrecy-Enable 88 integer
87 ATTRIBUTE ASA-NAC-Enable 89 integer
88 ATTRIBUTE ASA-NAC-Status-Query-Timer 90 integer
89 ATTRIBUTE ASA-NAC-Revalidation-Timer 91 integer
90 ATTRIBUTE ASA-NAC-Default-ACL 92 string
91 ATTRIBUTE ASA-WebVPN-URL-Entry-Enable 93 integer
92 ATTRIBUTE ASA-WebVPN-File-Access-Enable 94 integer
93 ATTRIBUTE ASA-WebVPN-File-Server-Entry-Enable 95 integer
94 ATTRIBUTE ASA-WebVPN-File-Server-Browsing-Enable 96 integer
95 ATTRIBUTE ASA-WebVPN-Port-Forwarding-Enable 97 integer
96 ATTRIBUTE ASA-WebVPN-Port-Forwarding-Exchange-Proxy-Enable 98 integer
97 ATTRIBUTE ASA-WebVPN-Port-Forwarding-HTTP-Proxy 99 integer
98 ATTRIBUTE ASA-WebVPN-Citrix-Metaframe-Enable 101 integer
99 ATTRIBUTE ASA-WebVPN-Apply-ACL 102 integer
100 ATTRIBUTE ASA-WebVPN-SSL-VPN-Client-Enable 103 integer
101 ATTRIBUTE ASA-WebVPN-SSL-VPN-Client-Required 104 integer
102 ATTRIBUTE ASA-WebVPN-SSL-VPN-Client-Keep-Installation 105 integer
103 ATTRIBUTE ASA-SVC-Keepalive 107 integer
104 ATTRIBUTE ASA-WebVPN-SVC-Keepalive-Frequency 107 integer
105 ATTRIBUTE ASA-SVC-DPD-Interval-Client 108 integer
106 ATTRIBUTE ASA-WebVPN-SVC-Client-DPD-Frequency 108 integer
107 ATTRIBUTE ASA-SVC-DPD-Interval-Gateway 109 integer
108 ATTRIBUTE ASA-WebVPN-SVC-Gateway-DPD-Frequency 109 integer
109 ATTRIBUTE ASA-SVC-Rekey-Time 110 integer
110 ATTRIBUTE ASA-WebVPN-SVC-Rekey-Time 110 integer
111 ATTRIBUTE ASA-WebVPN-SVC-Rekey-Method 111 integer
112 ATTRIBUTE ASA-WebVPN-SVC-Compression 112 integer
113 ATTRIBUTE ASA-WebVPN-Customization 113 string
114 ATTRIBUTE ASA-WebVPN-SSO-Server-Name 114 string
115 ATTRIBUTE ASA-WebVPN-Deny-Message 116 string
116 ATTRIBUTE ASA-WebVPN-HTTP-Compression 120 integer
117 ATTRIBUTE ASA-WebVPN-Keepalive-Ignore 121 integer
118 ATTRIBUTE ASA-Extended-Authentication-On-Rekey 122 integer
119 ATTRIBUTE ASA-SVC-DTLS 123 integer
120 ATTRIBUTE ASA-WebVPN-SVC-DTLS-Enable 123 integer
121 ATTRIBUTE ASA-WebVPN-Auto-HTTP-Signon 124 string
122 ATTRIBUTE ASA-SVC-MTU 125 integer
123 ATTRIBUTE ASA-WebVPN-SVC-DTLS-MTU 125 integer
124 ATTRIBUTE ASA-WebVPN-Hidden-Shares 126 integer
125 ATTRIBUTE ASA-SVC-Modules 127 string
126 ATTRIBUTE ASA-SVC-Profiles 128 string
127 ATTRIBUTE ASA-SVC-Ask 131 integer
128 ATTRIBUTE ASA-SVC-Ask-Timeout 132 integer
129 ATTRIBUTE ASA-IE-Proxy-PAC-URL 133 string
130 ATTRIBUTE ASA-Strip-Realm 135 integer
131 ATTRIBUTE ASA-Smart-Tunnel 136 string
132 ATTRIBUTE ASA-WebVPN-Smart-Tunnel 136 string
133 ATTRIBUTE ASA-WebVPN-ActiveX-Relay 137 integer
134 ATTRIBUTE ASA-Smart-Tunnel-Auto 138 integer
135 ATTRIBUTE ASA-WebVPN-Smart-Tunnel-Auto-Start 138 integer
136 ATTRIBUTE ASA-Smart-Tunnel-Auto-Signon-Enable 139 string
137 ATTRIBUTE ASA-WebVPN-Smart-Tunnel-Auto-Sign-On 139 string
138 ATTRIBUTE ASA-VLAN 140 integer
139 ATTRIBUTE ASA-NAC-Settings 141 string
140 ATTRIBUTE ASA-Member-Of 145 string
141 ATTRIBUTE ASA-TunnelGroupName 146 string
142 ATTRIBUTE ASA-WebVPN-Idle-Timeout-Alert-Interval 148 integer
143 ATTRIBUTE ASA-WebVPN-Session-Timeout-Alert-Interval 149 integer
144 ATTRIBUTE ASA-ClientType 150 integer
145 ATTRIBUTE ASA-SessionType 151 integer
146 ATTRIBUTE ASA-SessionSubtype 152 integer
147 ATTRIBUTE ASA-WebVPN-Download_Max-Size 157 integer
148 ATTRIBUTE ASA-WebVPN-Upload-Max-Size 158 integer
149 ATTRIBUTE ASA-WebVPN-Post-Max-Size 159 integer
150 ATTRIBUTE ASA-WebVPN-User-Storage 160 string
151 ATTRIBUTE ASA-WebVPN-Storage-Objects 161 string
152 ATTRIBUTE ASA-WebVPN-Storage-Key 162 string
153 ATTRIBUTE ASA-WebVPN-VDI 163 string
154 ATTRIBUTE ASA-Address-Pools 217 string
155 ATTRIBUTE ASA-IPv6-Address-Pools 218 string
156 ATTRIBUTE ASA-IPv6-VPN-Filter 219 string
157 ATTRIBUTE ASA-Privilege-Level 220 integer
158 ATTRIBUTE ASA-WebVPN-UNIX-User-ID 221 integer
159 ATTRIBUTE ASA-WebVPN-UNIX-Group-ID 222 integer
160 ATTRIBUTE ASA-WebVPN-Macro-Substitution-Value1 223 string
161 ATTRIBUTE ASA-WebVPN-Macro-Substitution-Value2 224 string
162 ATTRIBUTE ASA-WebVPNSmart-Card-Removal-Disconnect 225 integer
163 ATTRIBUTE ASA-WebVPN-Smart-Tunnel-Tunnel-Policy 227 string
164 ATTRIBUTE ASA-WebVPN-Home-Page-Use-Smart-Tunnel 228 integer
166 VALUE ASA-Authorization-Required No 0
167 VALUE ASA-Authorization-Required Yes 1
169 VALUE ASA-Authorization-Type None 0
170 VALUE ASA-Authorization-Type Radius 1
171 VALUE ASA-Authorization-Type LDAP 2
173 VALUE ASA-Cisco-IP-Phone-Bypass Disabled 0
174 VALUE ASA-Cisco-IP-Phone-Bypass Enabled 1
176 VALUE ASA-Cisco-LEAP-Bypass Disabled 0
177 VALUE ASA-Cisco-LEAP-Bypass Enabled 1
179 VALUE ASA-ClientType Cisco-VPN-Client-IKEv1 1
180 VALUE ASA-ClientType AnyConnect-Client-SSL-VPN 2
181 VALUE ASA-ClientType Clientless-SSL-VPN 3
182 VALUE ASA-ClientType Cut-Through-Proxy 4
183 VALUE ASA-ClientType L2TP/IPsec-SSL-VPN 5
184 VALUE ASA-ClientType AnyConnect-Client-IPSec-VPN-IKEv2 6
186 VALUE ASA-Extended-Authentication-On-Rekey Disabled 0
187 VALUE ASA-Extended-Authentication-On-Rekey Enabled 1
189 VALUE ASA-IE-Proxy-Bypass-Local None 0
190 VALUE ASA-IE-Proxy-Bypass-Local Local 1
192 VALUE ASA-IE-Proxy-Server-Policy No-Modify 1
193 VALUE ASA-IE-Proxy-Server-Policy No-Proxy 2
194 VALUE ASA-IE-Proxy-Server-Policy Auto-detect 3
195 VALUE ASA-IE-Proxy-Server-Policy Use-Concentrator-Setting 4
197 VALUE ASA-IKE-Keep-Alives Disabled 0
198 VALUE ASA-IKE-Keep-Alives Enabled 1
200 VALUE ASA-Allow-Network-Extension-Mode Disabled 0
201 VALUE ASA-Allow-Network-Extension-Mode Enabled 1
203 VALUE ASA-Intercept-DHCP-Configure-Msg Disabled 0
204 VALUE ASA-Intercept-DHCP-Configure-Msg Enabled 1
206 VALUE ASA-IPsec-Allow-Passwd-Store Disabled 0
207 VALUE ASA-IPsec-Allow-Passwd-Store Enabled 1
209 VALUE ASA-IPsec-Authentication None 0
210 VALUE ASA-IPsec-Authentication RADIUS 1
211 VALUE ASA-IPsec-Authentication LDAP-Authorization-only 2
212 VALUE ASA-IPsec-Authentication NT-Domain 3
213 VALUE ASA-IPsec-Authentication SDI 4
214 VALUE ASA-IPsec-Authentication Internal 5
215 VALUE ASA-IPsec-Authentication RADIUS-with-Expiry 6
216 VALUE ASA-IPsec-Authentication Kerberos/Active-Directory 7
218 VALUE ASA-IPsec-Auth-On-Rekey Disabled 0
219 VALUE ASA-IPsec-Auth-On-Rekey Enabled 1
221 VALUE ASA-IPsec-Backup-Servers Use-Client-Configured-List 1
222 VALUE ASA-IPsec-Backup-Servers Disable-and-clear-client-list 2
223 VALUE ASA-IPsec-Backup-Servers Use-Backup-Server-List 3
225 VALUE ASA-IPsec-Client-Firewall-Filter-Optional Required 0
226 VALUE ASA-IPsec-Client-Firewall-Filter-Optional Optional 1
228 VALUE ASA-IPsec-IKE-Peer-ID-Check Required 1
229 VALUE ASA-IPsec-IKE-Peer-ID-Check If-Supported-By-Peer-Certificate 2
230 VALUE ASA-IPsec-IKE-Peer-ID-Check Do-Not-Check 3
232 VALUE ASA-IPsec-IP-Compression Disabled 0
233 VALUE ASA-IPsec-IP-Compression Enabled 1
235 VALUE ASA-IPsec-Mode-Config Disabled 0
236 VALUE ASA-IPsec-Mode-Config Enabled 1
238 VALUE ASA-IPsec-Over-UDP Disabled 0
239 VALUE ASA-IPsec-Over-UDP Enabled 1
241 VALUE ASA-IPsec-Required-Client-Firewall-Capability None 0
242 VALUE ASA-IPsec-Required-Client-Firewall-Capability Policy-Remotely-Defined 1
243 VALUE ASA-IPsec-Required-Client-Firewall-Capability Policy-Pushed 2
244 VALUE ASA-IPsec-Required-Client-Firewall-Capability Policy-from-Server 4
246 VALUE ASA-IPsec-Split-Tunneling-Policy No-Split-Tunneling 0
247 VALUE ASA-IPsec-Split-Tunneling-Policy Split-Tunneling 1
248 VALUE ASA-IPsec-Split-Tunneling-Policy Local-LAN-Permitted 2
250 VALUE ASA-IPsec-Tunnel-Type LAN-to-LAN 1
251 VALUE ASA-IPsec-Tunnel-Type Remote-Access 2
253 VALUE ASA-L2TP-MPPC-Compression Disabled 0
254 VALUE ASA-L2TP-MPPC-Compression Enabled 1
256 VALUE ASA-NAC-Enable No 0
257 VALUE ASA-NAC-Enable Yes 1
259 VALUE ASA-Perfect-Forward-Secrecy-Enable No 0
260 VALUE ASA-Perfect-Forward-Secrecy-Enable Yes 1
262 VALUE ASA-PPTP-MPPC-Compression Disabled 0
263 VALUE ASA-PPTP-MPPC-Compression Enabled 1
265 VALUE ASA-Required-Client-Firewall-Vendor-Code Cisco-CIC 1
266 VALUE ASA-Required-Client-Firewall-Vendor-Code Zone-Labs 2
267 VALUE ASA-Required-Client-Firewall-Vendor-Code NetworkICE 3
268 VALUE ASA-Required-Client-Firewall-Vendor-Code Sygate 4
269 VALUE ASA-Required-Client-Firewall-Vendor-Code Cisco-IPSA 5
271 VALUE ASA-Required-Individual-User-Auth Disabled 0
272 VALUE ASA-Required-Individual-User-Auth Enabled 1
274 VALUE ASA-Require-HW-Client-Auth Disabled 0
275 VALUE ASA-Require-HW-Client-Auth Enabled 1
277 VALUE ASA-SessionSubtype None 0
278 VALUE ASA-SessionSubtype Clientless 1
279 VALUE ASA-SessionSubtype Client 2
280 VALUE ASA-SessionSubtype Client-Only 3
282 VALUE ASA-SessionType None 0
283 VALUE ASA-SessionType AnyConnect-Client-SSL-VPN 1
284 VALUE ASA-SessionType AnyConnect-Client-IPSec-VPN/IKEv2 2
285 VALUE ASA-SessionType Clientless-SSL-VPN 3
286 VALUE ASA-SessionType Clientless-Email-Proxy 4
287 VALUE ASA-SessionType Cisco-VPN-Client/IKEv1 5
288 VALUE ASA-SessionType IKEv1-LAN-to-LAN 6
289 VALUE ASA-SessionType IKEv2-LAN-to-LAN 7
290 VALUE ASA-SessionType VPN-Load-Balancing 8
292 VALUE ASA-Smart-Tunnel-Auto Disabled 0
293 VALUE ASA-Smart-Tunnel-Auto Enabled 1
294 VALUE ASA-Smart-Tunnel-Auto AutoStart 2
296 VALUE ASA-Strip-Realm Disabled 0
297 VALUE ASA-Strip-Realm Enabled 1
299 VALUE ASA-SVC-Ask Disabled 0
300 VALUE ASA-SVC-Ask Enabled 1
301 VALUE ASA-SVC-Ask Enable-Default-Service 3
302 VALUE ASA-SVC-Ask Enable-Default-Clientless 5
304 VALUE ASA-SVC-DTLS FALSE 0
305 VALUE ASA-SVC-DTLS TRUE 1
307 VALUE ASA-Use-Client-Address Disabled 0
308 VALUE ASA-Use-Client-Address Enabled 1
310 VALUE ASA-WebVPN-Apply-ACL Disabled 0
311 VALUE ASA-WebVPN-Apply-ACL Enabled 1
313 VALUE ASA-WebVPN-Citrix-Metaframe-Enable Disabled 0
314 VALUE ASA-WebVPN-Citrix-Metaframe-Enable Enabled 1
316 VALUE ASA-WebVPN-File-Access-Enable Disabled 0
317 VALUE ASA-WebVPN-File-Access-Enable Enabled 1
319 VALUE ASA-WebVPN-File-Server-Browsing-Enable Disabled 0
320 VALUE ASA-WebVPN-File-Server-Browsing-Enable Enabled 1
322 VALUE ASA-WebVPN-File-Server-Entry-Enable Disabled 0
323 VALUE ASA-WebVPN-File-Server-Entry-Enable Enabled 1
325 VALUE ASA-WebVPN-Hidden-Shares None 0
326 VALUE ASA-WebVPN-Hidden-Shares Visible 1
328 VALUE ASA-WebVPN-HTTP-Compression Off 0
329 VALUE ASA-WebVPN-HTTP-Compression Deflate-Compression 1
331 VALUE ASA-WebVPN-Port-Forwarding-Enable Disabled 0
332 VALUE ASA-WebVPN-Port-Forwarding-Enable Enabled 1
334 VALUE ASA-WebVPN-Port-Forwarding-Exchange-Proxy-Enable Disabled 0
335 VALUE ASA-WebVPN-Port-Forwarding-Exchange-Proxy-Enable Enabled 1
337 VALUE ASA-WebVPN-Port-Forwarding-HTTP-Proxy Disabled 0
338 VALUE ASA-WebVPN-Port-Forwarding-HTTP-Proxy Enabled 1
340 VALUE ASA-WebVPNSmart-Card-Removal-Disconnect Disabled 0
341 VALUE ASA-WebVPNSmart-Card-Removal-Disconnect Enabled 1
343 VALUE ASA-WebVPN-Smart-Tunnel-Auto-Start Disabled 0
344 VALUE ASA-WebVPN-Smart-Tunnel-Auto-Start Enabled 1
345 VALUE ASA-WebVPN-Smart-Tunnel-Auto-Start AutoStart 2
347 VALUE ASA-WebVPN-SSL-VPN-Client-Enable Disabled 0
348 VALUE ASA-WebVPN-SSL-VPN-Client-Enable Enabled 1
350 VALUE ASA-WebVPN-SSL-VPN-Client-Keep-Installation Disabled 0
351 VALUE ASA-WebVPN-SSL-VPN-Client-Keep-Installation Enabled 1
353 VALUE ASA-WebVPN-SSL-VPN-Client-Required Disabled 0
354 VALUE ASA-WebVPN-SSL-VPN-Client-Required Enabled 1
356 VALUE ASA-WebVPN-SVC-DTLS-Enable Disabled 0
357 VALUE ASA-WebVPN-SVC-DTLS-Enable Enabled 1
359 VALUE ASA-WebVPN-SVC-Rekey-Method Off 0
360 VALUE ASA-WebVPN-SVC-Rekey-Method SSL 1
361 VALUE ASA-WebVPN-SVC-Rekey-Method New-Tunnel 2
363 VALUE ASA-WebVPN-SVC-Compression Off 0
364 VALUE ASA-WebVPN-SVC-Compression Deflate-Compression 1
366 VALUE ASA-WebVPN-URL-Entry-Enable Disabled 0
367 VALUE ASA-WebVPN-URL-Entry-Enable Enabled 1