Name: Cisco Firepower 4110
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

Cisco Preparative Procedures & Operational User Guide

8) Commit the transaction to the system configuration:

Firepower-chassis /security/tacacs/server # commit-buffer

4.4.6 Configure LDAP via GUI

1) Choose Platform Settings > AAA.

2) Click the LDAP tab.

3) For each LDAP provider that you want to add:

a) In the LDAP Providers area, click Add.

b) In the Add LDAP Provider dialog box, complete the following fields:

Name

Description

Hostname/FDQN (or IP

Address) field

The hostname or IP address on which the LDAP provider resides. If

SSL is enabled, this field must exactly match a Common Name

(CN) in the security certificate of the LDAP database.

Order field

The order in which the Firepower eXtensible Operating System

uses this provider to authenticate users.

Enter an integer between 1 and 16, or enter lowest-available or 0

(zero) if you want the Firepower eXtensible Operating System to

assign the next available order based on the other providers defined

in Firepower Chassis Manager or the FXOS CLI.

Bind DN field

The distinguished name (DN) for an LDAP database account that

has read and search permissions for all objects under the base DN.

The maximum supported string length is 255 ASCII characters.

Base DN field

The specific distinguished name in the LDAP hierarchy where the

server should begin a search when a remote user logs in and the

system attempts to get the user's DN based on their username. The

length of the base DN can be set to a maximum of 255 characters

minus the length of CN=$userid, where $userid identifies the

remote user attempting to access Firepower Chassis Manager or the

FXOS CLI using LDAP authentication.

This value is required unless a default base DN has been set on the

LDAP tab.

Port field

The port through which Firepower Chassis Manager or the FXOS

CLI communicates with the LDAP database. The standard port

number is 389.

Enable SSL check box

If checked, encryption is required for communications with the

LDAP database. If unchecked, authentication information will be

sent as clear text.

LDAP uses STARTTLS. This allows encrypted communication

using port 389.

Filter field

The LDAP search is restricted to those user names that match the

defined filter.

This value is required unless a default filter has been set on the

Brand	Cisco
Model	Firepower 4110
Category	Firewall
Language	English

Cisco Firepower 4110 User Manual

Table of Contents

Other manuals for Cisco Firepower 4110

Questions and Answers:

Cisco Firepower 4110 Specifications

Related product manuals