Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring the ASA to Integrate with Cisco TrustSec
Configuring the ASA for Cisco TrustSec Integration
• Configuring the AAA Server for Cisco TrustSec Integration, page 1-11
• Importing a Protected Access Credential (PAC) File, page 1-13
• Configuring the Security Exchange Protocol (SXP), page 1-14
• Adding an SXP Connection Peer, page 1-17
• Refreshing Environment Data, page 1-19
• Configuring the Security Policy, page 1-20
• Collecting User Statistics, page 1-21
Task Flow for Configuring the ASA to Integrate with Cisco TrustSec
Prerequisites
Before configuring the ASA to integrate with Cisco TrustSec, you must meet the following prerequisites:
• Register the ASA with the ISE.
• Generate the PAC file on the ISE to import into the ASA.
See the “Prerequisites for Integrating the ASA with Cisco TrustSec” section on page 1-8 for information.
Task Flow in the ASA
To configure the ASA to integrate with Cisco TrustSec, perform the following tasks:
Step 1 Configure the AAA server.
See Configuring the AAA Server for Cisco TrustSec Integration, page 1-11.
Step 2 Import the PAC file from the ISE.
See Importing a Protected Access Credential (PAC) File, page 1-13.
Step 3 Enable and set the default values for SXP.
See Configuring the Security Exchange Protocol (SXP), page 1-14.
Step 4 Add SXP connection peers for the Cisco TrustSec architecture.
See Adding an SXP Connection Peer, page 1-17.
Step 5 As necessary, refresh environment data for the ASA integrated with Cisco TrustSec.
See Refreshing Environment Data, page 1-19.
Step 6 Configure the Security Policy.
See Configuring the Security Policy, page 1-20.
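The following Python sketch is an added example, not part of the Cisco guide: it audits a saved running configuration for evidence of the task-flow steps above and flags SXP peers that have no usable connection password. The names `audit`, `PATTERNS`, `MANUAL` and the sample configuration are hypothetical, and the patterns assume the standard ASA `aaa-server`, `cts` and `access-list ... security-group` command forms.

```python
import re

# Steps that leave lines in the running configuration. Step 2 (PAC import) and
# Step 5 (environment-data refresh) do not, so they map to show commands instead.
PATTERNS = {
    "step1_aaa_group": r"aaa-server\s+(\S+)\s+protocol\s+radius\b",
    "step1_cts_group": r"cts\s+server-group\s+(\S+)",
    "step3_sxp_enable": r"cts\s+sxp\s+enable\b",
    "step3_default_pw": r"cts\s+sxp\s+default\s+password\b",
    "step4_sxp_peer": r"cts\s+sxp\s+connection\s+peer\s+(\S+).*?\bpassword\s+(default|none)\b",
    "step6_sgt_acl": r"access-list\s+\S+.*\bsecurity-group\s+(?:name|tag)\s+\S+",
}
MANUAL = {"step2_pac": "show cts pac", "step5_env_data": "show cts environment-data"}

def audit(running_config):
    """Return (missing_steps, warnings) for a running-config given as text."""
    lines = [line.strip() for line in running_config.splitlines()]
    hits = {name: [m for line in lines if (m := re.match(rx, line))]
            for name, rx in PATTERNS.items()}
    missing = [n for n in ("step1_aaa_group", "step1_cts_group",
                           "step3_sxp_enable", "step4_sxp_peer", "step6_sgt_acl")
               if not hits[n]]
    warnings = []
    # Assumption: the cts server-group should name a group defined as RADIUS.
    radius_groups = {m.group(1) for m in hits["step1_aaa_group"]}
    for m in hits["step1_cts_group"]:
        if m.group(1) not in radius_groups:
            warnings.append(f"cts server-group {m.group(1)} is not a defined RADIUS group")
    for m in hits["step4_sxp_peer"]:
        peer, pw = m.group(1), m.group(2)
        if pw == "none":
            warnings.append(f"SXP peer {peer} has no connection password")
        elif not hits["step3_default_pw"]:
            warnings.append(f"SXP peer {peer} uses the default password, but none is set")
    return missing, warnings

# Constructed sample configuration (addresses are documentation ranges).
SAMPLE = """\
aaa-server ISEserver protocol radius
aaa-server ISEserver (inside) host 192.0.2.10
cts server-group ISEserver
cts sxp enable
cts sxp connection peer 192.0.2.20 password default mode local listener
cts sxp connection peer 192.0.2.21 password none mode local listener
"""

if __name__ == "__main__":
    print(audit(SAMPLE), MANUAL)
```

For the steps listed in `MANUAL`, run the named show command on the ASA itself, because a PAC import and an environment-data refresh leave no line in the running configuration.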
Configuring the AAA Server for Cisco TrustSec Integration
As part of configuring the ASA to integrate with Cisco TrustSec, you must configure the ASA so that it can communicate with the ISE.
See also the “Configuring AAA Server Groups” section on page 1-11 for more information.