1# -*- text -*- 2# Copyright (C) 2015 The FreeRADIUS Server project and contributors 3# 4# Cisco Adaptative Security Appliance (ASA) Dictionary 5# 6# http://www.cisco.com/en/US/docs/security/asa/asa90/configuration/guide/ref_extserver.html#wp1802187 7# 8# $Id: bd5b425d6d8aef0a47ff06ae3110ff1b5a1e307d $ 9# 10 11VENDOR Cisco-ASA 3076 12 13BEGIN-VENDOR Cisco-ASA 14 15ATTRIBUTE ASA-Simultaneous-Logins 2 integer 16ATTRIBUTE ASA-Primary-DNS 5 ipaddr 17ATTRIBUTE ASA-Secondary-DNS 6 ipaddr 18ATTRIBUTE ASA-Primary-WINS 7 ipaddr 19ATTRIBUTE ASA-Secondary-WINS 8 ipaddr 20ATTRIBUTE ASA-SEP-Card-Assignment 9 integer 21ATTRIBUTE ASA-Tunneling-Protocols 11 integer 22ATTRIBUTE ASA-IPsec-Sec-Association 12 string 23ATTRIBUTE ASA-IPsec-Authentication 13 integer 24ATTRIBUTE ASA-Banner1 15 string 25ATTRIBUTE ASA-IPsec-Allow-Passwd-Store 16 integer 26ATTRIBUTE ASA-Use-Client-Address 17 integer 27ATTRIBUTE ASA-PPTP-Encryption 20 integer 28ATTRIBUTE ASA-L2TP-Encryption 21 integer 29ATTRIBUTE ASA-Group-Policy 25 string 30ATTRIBUTE ASA-IPsec-Split-Tunnel-List 27 string 31ATTRIBUTE ASA-IPsec-Default-Domain 28 string 32ATTRIBUTE ASA-IPsec-Split-DNS-Names 29 string 33ATTRIBUTE ASA-IPsec-Tunnel-Type 30 integer 34ATTRIBUTE ASA-IPsec-Mode-Config 31 integer 35ATTRIBUTE ASA-IPsec-Over-UDP 34 integer 36ATTRIBUTE ASA-IPsec-Over-UDP-Port 35 integer 37ATTRIBUTE ASA-Banner2 36 string 38ATTRIBUTE ASA-PPTP-MPPC-Compression 37 integer 39ATTRIBUTE ASA-L2TP-MPPC-Compression 38 integer 40ATTRIBUTE ASA-IPsec-IP-Compression 39 integer 41ATTRIBUTE ASA-IPsec-IKE-Peer-ID-Check 40 integer 42ATTRIBUTE ASA-IKE-Keep-Alives 41 integer 43ATTRIBUTE ASA-IPsec-Auth-On-Rekey 42 integer 44ATTRIBUTE ASA-Required-Client-Firewall-Vendor-Code 45 integer 45ATTRIBUTE ASA-Required-Client-Firewall-Product-Code 46 integer 46ATTRIBUTE ASA-Required-Client-Firewall-Description 47 string 47ATTRIBUTE ASA-Require-HW-Client-Auth 48 integer 48ATTRIBUTE ASA-Required-Individual-User-Auth 49 integer 49ATTRIBUTE ASA-Authenticated-User-Idle-Timeout 50 integer 50ATTRIBUTE ASA-Cisco-IP-Phone-Bypass 51 integer 51ATTRIBUTE ASA-IPsec-Split-Tunneling-Policy 55 integer 52ATTRIBUTE ASA-IPsec-Required-Client-Firewall-Capability 56 integer 53ATTRIBUTE ASA-IPsec-Client-Firewall-Filter-Name 57 string 54ATTRIBUTE ASA-IPsec-Client-Firewall-Filter-Optional 58 integer 55ATTRIBUTE ASA-IPsec-Backup-Servers 59 integer 56ATTRIBUTE ASA-IPsec-Backup-Server-List 60 string 57ATTRIBUTE ASA-DHCP-Network-Scope 61 ipaddr 58ATTRIBUTE ASA-Intercept-DHCP-Configure-Msg 62 integer 59ATTRIBUTE ASA-MS-Client-Subnet-Mask 63 ipaddr 60ATTRIBUTE ASA-Allow-Network-Extension-Mode 64 integer 61ATTRIBUTE ASA-Authorization-Type 65 integer 62ATTRIBUTE ASA-Authorization-Required 66 integer 63ATTRIBUTE ASA-Authorization-DN-Field 67 string 64ATTRIBUTE ASA-IKE-KeepAlive-Confidence-Interval 68 integer 65ATTRIBUTE ASA-WebVPN-Content-Filter-Parameters 69 integer 66ATTRIBUTE ASA-WebVPN-HTML-Filter 70 integer 67ATTRIBUTE ASA-WebVPN-URL-List 71 string 68ATTRIBUTE ASA-WebVPN-Port-Forwarding-List 72 string 69ATTRIBUTE ASA-WebVPN-Access-List 73 string 70ATTRIBUTE ASA-WebVPNACL 73 string 71ATTRIBUTE ASA-WebVPN-HTTP-Proxy-IP-Address 74 string 72ATTRIBUTE ASA-Cisco-LEAP-Bypass 75 integer 73ATTRIBUTE ASA-WebVPN-Default-Homepage 76 string 74ATTRIBUTE ASA-Client-Type-Version-Limiting 77 string 75ATTRIBUTE ASA-WebVPN-Group-based-HTTP/HTTPS-Proxy-Exception-List 78 string 76ATTRIBUTE ASA-WebVPN-Port-Forwarding-Name 79 string 77ATTRIBUTE ASA-IE-Proxy-Server 80 string 78ATTRIBUTE ASA-IE-Proxy-Server-Policy 81 integer 79ATTRIBUTE ASA-IE-Proxy-Exception-List 82 string 80ATTRIBUTE ASA-IE-Proxy-Bypass-Local 83 integer 81ATTRIBUTE ASA-IKE-Keepalive-Retry-Interval 84 integer 82ATTRIBUTE ASA-Tunnel-Group-Lock 85 string 83ATTRIBUTE ASA-Access-List-Inbound 86 string 84ATTRIBUTE ASA-Access-List-Outbound 87 string 85ATTRIBUTE ASA-Perfect-Forward-Secrecy-Enable 88 integer 86ATTRIBUTE ASA-NAC-Enable 89 integer 87ATTRIBUTE ASA-NAC-Status-Query-Timer 90 integer 88ATTRIBUTE ASA-NAC-Revalidation-Timer 91 integer 89ATTRIBUTE ASA-NAC-Default-ACL 92 string 90ATTRIBUTE ASA-WebVPN-URL-Entry-Enable 93 integer 91ATTRIBUTE ASA-WebVPN-File-Access-Enable 94 integer 92ATTRIBUTE ASA-WebVPN-File-Server-Entry-Enable 95 integer 93ATTRIBUTE ASA-WebVPN-File-Server-Browsing-Enable 96 integer 94ATTRIBUTE ASA-WebVPN-Port-Forwarding-Enable 97 integer 95ATTRIBUTE ASA-WebVPN-Port-Forwarding-Exchange-Proxy-Enable 98 integer 96ATTRIBUTE ASA-WebVPN-Port-Forwarding-HTTP-Proxy 99 integer 97ATTRIBUTE ASA-WebVPN-Citrix-Metaframe-Enable 101 integer 98ATTRIBUTE ASA-WebVPN-Apply-ACL 102 integer 99ATTRIBUTE ASA-WebVPN-SSL-VPN-Client-Enable 103 integer 100ATTRIBUTE ASA-WebVPN-SSL-VPN-Client-Required 104 integer 101ATTRIBUTE ASA-WebVPN-SSL-VPN-Client-Keep-Installation 105 integer 102ATTRIBUTE ASA-SVC-Keepalive 107 integer 103ATTRIBUTE ASA-WebVPN-SVC-Keepalive-Frequency 107 integer 104ATTRIBUTE ASA-SVC-DPD-Interval-Client 108 integer 105ATTRIBUTE ASA-WebVPN-SVC-Client-DPD-Frequency 108 integer 106ATTRIBUTE ASA-SVC-DPD-Interval-Gateway 109 integer 107ATTRIBUTE ASA-WebVPN-SVC-Gateway-DPD-Frequency 109 integer 108ATTRIBUTE ASA-SVC-Rekey-Time 110 integer 109ATTRIBUTE ASA-WebVPN-SVC-Rekey-Time 110 integer 110ATTRIBUTE ASA-WebVPN-SVC-Rekey-Method 111 integer 111ATTRIBUTE ASA-WebVPN-SVC-Compression 112 integer 112ATTRIBUTE ASA-WebVPN-Customization 113 string 113ATTRIBUTE ASA-WebVPN-SSO-Server-Name 114 string 114ATTRIBUTE ASA-WebVPN-Deny-Message 116 string 115ATTRIBUTE ASA-WebVPN-HTTP-Compression 120 integer 116ATTRIBUTE ASA-WebVPN-Keepalive-Ignore 121 integer 117ATTRIBUTE ASA-Extended-Authentication-On-Rekey 122 integer 118ATTRIBUTE ASA-SVC-DTLS 123 integer 119ATTRIBUTE ASA-WebVPN-SVC-DTLS-Enable 123 integer 120ATTRIBUTE ASA-WebVPN-Auto-HTTP-Signon 124 string 121ATTRIBUTE ASA-SVC-MTU 125 integer 122ATTRIBUTE ASA-WebVPN-SVC-DTLS-MTU 125 integer 123ATTRIBUTE ASA-WebVPN-Hidden-Shares 126 integer 124ATTRIBUTE ASA-SVC-Modules 127 string 125ATTRIBUTE ASA-SVC-Profiles 128 string 126ATTRIBUTE ASA-SVC-Ask 131 integer 127ATTRIBUTE ASA-SVC-Ask-Timeout 132 integer 128ATTRIBUTE ASA-IE-Proxy-PAC-URL 133 string 129ATTRIBUTE ASA-Strip-Realm 135 integer 130ATTRIBUTE ASA-Smart-Tunnel 136 string 131ATTRIBUTE ASA-WebVPN-Smart-Tunnel 136 string 132ATTRIBUTE ASA-WebVPN-ActiveX-Relay 137 integer 133ATTRIBUTE ASA-Smart-Tunnel-Auto 138 integer 134ATTRIBUTE ASA-WebVPN-Smart-Tunnel-Auto-Start 138 integer 135ATTRIBUTE ASA-Smart-Tunnel-Auto-Signon-Enable 139 string 136ATTRIBUTE ASA-WebVPN-Smart-Tunnel-Auto-Sign-On 139 string 137ATTRIBUTE ASA-VLAN 140 integer 138ATTRIBUTE ASA-NAC-Settings 141 string 139ATTRIBUTE ASA-Member-Of 145 string 140ATTRIBUTE ASA-TunnelGroupName 146 string 141ATTRIBUTE ASA-WebVPN-Idle-Timeout-Alert-Interval 148 integer 142ATTRIBUTE ASA-WebVPN-Session-Timeout-Alert-Interval 149 integer 143ATTRIBUTE ASA-ClientType 150 integer 144ATTRIBUTE ASA-SessionType 151 integer 145ATTRIBUTE ASA-SessionSubtype 152 integer 146ATTRIBUTE ASA-WebVPN-Download_Max-Size 157 integer 147ATTRIBUTE ASA-WebVPN-Upload-Max-Size 158 integer 148ATTRIBUTE ASA-WebVPN-Post-Max-Size 159 integer 149ATTRIBUTE ASA-WebVPN-User-Storage 160 string 150ATTRIBUTE ASA-WebVPN-Storage-Objects 161 string 151ATTRIBUTE ASA-WebVPN-Storage-Key 162 string 152ATTRIBUTE ASA-WebVPN-VDI 163 string 153ATTRIBUTE ASA-Address-Pools 217 string 154ATTRIBUTE ASA-IPv6-Address-Pools 218 string 155ATTRIBUTE ASA-IPv6-VPN-Filter 219 string 156ATTRIBUTE ASA-Privilege-Level 220 integer 157ATTRIBUTE ASA-WebVPN-UNIX-User-ID 221 integer 158ATTRIBUTE ASA-WebVPN-UNIX-Group-ID 222 integer 159ATTRIBUTE ASA-WebVPN-Macro-Substitution-Value1 223 string 160ATTRIBUTE ASA-WebVPN-Macro-Substitution-Value2 224 string 161ATTRIBUTE ASA-WebVPNSmart-Card-Removal-Disconnect 225 integer 162ATTRIBUTE ASA-WebVPN-Smart-Tunnel-Tunnel-Policy 227 string 163ATTRIBUTE ASA-WebVPN-Home-Page-Use-Smart-Tunnel 228 integer 164 165VALUE ASA-Authorization-Required No 0 166VALUE ASA-Authorization-Required Yes 1 167 168VALUE ASA-Authorization-Type None 0 169VALUE ASA-Authorization-Type Radius 1 170VALUE ASA-Authorization-Type LDAP 2 171 172VALUE ASA-Cisco-IP-Phone-Bypass Disabled 0 173VALUE ASA-Cisco-IP-Phone-Bypass Enabled 1 174 175VALUE ASA-Cisco-LEAP-Bypass Disabled 0 176VALUE ASA-Cisco-LEAP-Bypass Enabled 1 177 178VALUE ASA-ClientType Cisco-VPN-Client-IKEv1 1 179VALUE ASA-ClientType AnyConnect-Client-SSL-VPN 2 180VALUE ASA-ClientType Clientless-SSL-VPN 3 181VALUE ASA-ClientType Cut-Through-Proxy 4 182VALUE ASA-ClientType L2TP/IPsec-SSL-VPN 5 183VALUE ASA-ClientType AnyConnect-Client-IPSec-VPN-IKEv2 6 184 185VALUE ASA-Extended-Authentication-On-Rekey Disabled 0 186VALUE ASA-Extended-Authentication-On-Rekey Enabled 1 187 188VALUE ASA-IE-Proxy-Bypass-Local None 0 189VALUE ASA-IE-Proxy-Bypass-Local Local 1 190 191VALUE ASA-IE-Proxy-Server-Policy No-Modify 1 192VALUE ASA-IE-Proxy-Server-Policy No-Proxy 2 193VALUE ASA-IE-Proxy-Server-Policy Auto-detect 3 194VALUE ASA-IE-Proxy-Server-Policy Use-Concentrator-Setting 4 195 196VALUE ASA-IKE-Keep-Alives Disabled 0 197VALUE ASA-IKE-Keep-Alives Enabled 1 198 199VALUE ASA-Allow-Network-Extension-Mode Disabled 0 200VALUE ASA-Allow-Network-Extension-Mode Enabled 1 201 202VALUE ASA-Intercept-DHCP-Configure-Msg Disabled 0 203VALUE ASA-Intercept-DHCP-Configure-Msg Enabled 1 204 205VALUE ASA-IPsec-Allow-Passwd-Store Disabled 0 206VALUE ASA-IPsec-Allow-Passwd-Store Enabled 1 207 208VALUE ASA-IPsec-Authentication None 0 209VALUE ASA-IPsec-Authentication RADIUS 1 210VALUE ASA-IPsec-Authentication LDAP-Authorization-only 2 211VALUE ASA-IPsec-Authentication NT-Domain 3 212VALUE ASA-IPsec-Authentication SDI 4 213VALUE ASA-IPsec-Authentication Internal 5 214VALUE ASA-IPsec-Authentication RADIUS-with-Expiry 6 215VALUE ASA-IPsec-Authentication Kerberos/Active-Directory 7 216 217VALUE ASA-IPsec-Auth-On-Rekey Disabled 0 218VALUE ASA-IPsec-Auth-On-Rekey Enabled 1 219 220VALUE ASA-IPsec-Backup-Servers Use-Client-Configured-List 1 221VALUE ASA-IPsec-Backup-Servers Disable-and-clear-client-list 2 222VALUE ASA-IPsec-Backup-Servers Use-Backup-Server-List 3 223 224VALUE ASA-IPsec-Client-Firewall-Filter-Optional Required 0 225VALUE ASA-IPsec-Client-Firewall-Filter-Optional Optional 1 226 227VALUE ASA-IPsec-IKE-Peer-ID-Check Required 1 228VALUE ASA-IPsec-IKE-Peer-ID-Check If-Supported-By-Peer-Certificate 2 229VALUE ASA-IPsec-IKE-Peer-ID-Check Do-Not-Check 3 230 231VALUE ASA-IPsec-IP-Compression Disabled 0 232VALUE ASA-IPsec-IP-Compression Enabled 1 233 234VALUE ASA-IPsec-Mode-Config Disabled 0 235VALUE ASA-IPsec-Mode-Config Enabled 1 236 237VALUE ASA-IPsec-Over-UDP Disabled 0 238VALUE ASA-IPsec-Over-UDP Enabled 1 239 240VALUE ASA-IPsec-Required-Client-Firewall-Capability None 0 241VALUE ASA-IPsec-Required-Client-Firewall-Capability Policy-Remotely-Defined 1 242VALUE ASA-IPsec-Required-Client-Firewall-Capability Policy-Pushed 2 243VALUE ASA-IPsec-Required-Client-Firewall-Capability Policy-from-Server 4 244 245VALUE ASA-IPsec-Split-Tunneling-Policy No-Split-Tunneling 0 246VALUE ASA-IPsec-Split-Tunneling-Policy Split-Tunneling 1 247VALUE ASA-IPsec-Split-Tunneling-Policy Local-LAN-Permitted 2 248 249VALUE ASA-IPsec-Tunnel-Type LAN-to-LAN 1 250VALUE ASA-IPsec-Tunnel-Type Remote-Access 2 251 252VALUE ASA-L2TP-MPPC-Compression Disabled 0 253VALUE ASA-L2TP-MPPC-Compression Enabled 1 254 255VALUE ASA-NAC-Enable No 0 256VALUE ASA-NAC-Enable Yes 1 257 258VALUE ASA-Perfect-Forward-Secrecy-Enable No 0 259VALUE ASA-Perfect-Forward-Secrecy-Enable Yes 1 260 261VALUE ASA-PPTP-MPPC-Compression Disabled 0 262VALUE ASA-PPTP-MPPC-Compression Enabled 1 263 264VALUE ASA-Required-Client-Firewall-Vendor-Code Cisco-CIC 1 265VALUE ASA-Required-Client-Firewall-Vendor-Code Zone-Labs 2 266VALUE ASA-Required-Client-Firewall-Vendor-Code NetworkICE 3 267VALUE ASA-Required-Client-Firewall-Vendor-Code Sygate 4 268VALUE ASA-Required-Client-Firewall-Vendor-Code Cisco-IPSA 5 269 270VALUE ASA-Required-Individual-User-Auth Disabled 0 271VALUE ASA-Required-Individual-User-Auth Enabled 1 272 273VALUE ASA-Require-HW-Client-Auth Disabled 0 274VALUE ASA-Require-HW-Client-Auth Enabled 1 275 276VALUE ASA-SessionSubtype None 0 277VALUE ASA-SessionSubtype Clientless 1 278VALUE ASA-SessionSubtype Client 2 279VALUE ASA-SessionSubtype Client-Only 3 280 281VALUE ASA-SessionType None 0 282VALUE ASA-SessionType AnyConnect-Client-SSL-VPN 1 283VALUE ASA-SessionType AnyConnect-Client-IPSec-VPN/IKEv2 2 284VALUE ASA-SessionType Clientless-SSL-VPN 3 285VALUE ASA-SessionType Clientless-Email-Proxy 4 286VALUE ASA-SessionType Cisco-VPN-Client/IKEv1 5 287VALUE ASA-SessionType IKEv1-LAN-to-LAN 6 288VALUE ASA-SessionType IKEv2-LAN-to-LAN 7 289VALUE ASA-SessionType VPN-Load-Balancing 8 290 291VALUE ASA-Smart-Tunnel-Auto Disabled 0 292VALUE ASA-Smart-Tunnel-Auto Enabled 1 293VALUE ASA-Smart-Tunnel-Auto AutoStart 2 294 295VALUE ASA-Strip-Realm Disabled 0 296VALUE ASA-Strip-Realm Enabled 1 297 298VALUE ASA-SVC-Ask Disabled 0 299VALUE ASA-SVC-Ask Enabled 1 300VALUE ASA-SVC-Ask Enable-Default-Service 3 301VALUE ASA-SVC-Ask Enable-Default-Clientless 5 302 303VALUE ASA-SVC-DTLS FALSE 0 304VALUE ASA-SVC-DTLS TRUE 1 305 306VALUE ASA-Use-Client-Address Disabled 0 307VALUE ASA-Use-Client-Address Enabled 1 308 309VALUE ASA-WebVPN-Apply-ACL Disabled 0 310VALUE ASA-WebVPN-Apply-ACL Enabled 1 311 312VALUE ASA-WebVPN-Citrix-Metaframe-Enable Disabled 0 313VALUE ASA-WebVPN-Citrix-Metaframe-Enable Enabled 1 314 315VALUE ASA-WebVPN-File-Access-Enable Disabled 0 316VALUE ASA-WebVPN-File-Access-Enable Enabled 1 317 318VALUE ASA-WebVPN-File-Server-Browsing-Enable Disabled 0 319VALUE ASA-WebVPN-File-Server-Browsing-Enable Enabled 1 320 321VALUE ASA-WebVPN-File-Server-Entry-Enable Disabled 0 322VALUE ASA-WebVPN-File-Server-Entry-Enable Enabled 1 323 324VALUE ASA-WebVPN-Hidden-Shares None 0 325VALUE ASA-WebVPN-Hidden-Shares Visible 1 326 327VALUE ASA-WebVPN-HTTP-Compression Off 0 328VALUE ASA-WebVPN-HTTP-Compression Deflate-Compression 1 329 330VALUE ASA-WebVPN-Port-Forwarding-Enable Disabled 0 331VALUE ASA-WebVPN-Port-Forwarding-Enable Enabled 1 332 333VALUE ASA-WebVPN-Port-Forwarding-Exchange-Proxy-Enable Disabled 0 334VALUE ASA-WebVPN-Port-Forwarding-Exchange-Proxy-Enable Enabled 1 335 336VALUE ASA-WebVPN-Port-Forwarding-HTTP-Proxy Disabled 0 337VALUE ASA-WebVPN-Port-Forwarding-HTTP-Proxy Enabled 1 338 339VALUE ASA-WebVPNSmart-Card-Removal-Disconnect Disabled 0 340VALUE ASA-WebVPNSmart-Card-Removal-Disconnect Enabled 1 341 342VALUE ASA-WebVPN-Smart-Tunnel-Auto-Start Disabled 0 343VALUE ASA-WebVPN-Smart-Tunnel-Auto-Start Enabled 1 344VALUE ASA-WebVPN-Smart-Tunnel-Auto-Start AutoStart 2 345 346VALUE ASA-WebVPN-SSL-VPN-Client-Enable Disabled 0 347VALUE ASA-WebVPN-SSL-VPN-Client-Enable Enabled 1 348 349VALUE ASA-WebVPN-SSL-VPN-Client-Keep-Installation Disabled 0 350VALUE ASA-WebVPN-SSL-VPN-Client-Keep-Installation Enabled 1 351 352VALUE ASA-WebVPN-SSL-VPN-Client-Required Disabled 0 353VALUE ASA-WebVPN-SSL-VPN-Client-Required Enabled 1 354 355VALUE ASA-WebVPN-SVC-DTLS-Enable Disabled 0 356VALUE ASA-WebVPN-SVC-DTLS-Enable Enabled 1 357 358VALUE ASA-WebVPN-SVC-Rekey-Method Off 0 359VALUE ASA-WebVPN-SVC-Rekey-Method SSL 1 360VALUE ASA-WebVPN-SVC-Rekey-Method New-Tunnel 2 361 362VALUE ASA-WebVPN-SVC-Compression Off 0 363VALUE ASA-WebVPN-SVC-Compression Deflate-Compression 1 364 365VALUE ASA-WebVPN-URL-Entry-Enable Disabled 0 366VALUE ASA-WebVPN-URL-Entry-Enable Enabled 1 367 368END-VENDOR Cisco-ASA 369