Cisco Systems ASA 5580 Manual De Usuario
25-20
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 25 Configuring the ASA for Cisco Cloud Web Security
Configuration Examples for Cisco Cloud Web Security
parameters
default user user1 group group1
https
class whiteListCmap
whitelist
After creating this inspect policy, attach it to the policy map to be assigned to the service group:
policy-map pmap
class web
inspect scansafe ss fail-close
class https
inspect scansafe ss2 fail-close
Then attach the policy map to a service-policy to make it in effect globally or by ASA interface:
service-policy pmap interface inside
Directory Integration Examples
This section contains various example configurations for directory integration. See also
Chapter 38,
“Configuring the Identity Firewall,”
in the general operations configuration guide.
•
•
•
•
•
•
•
•
•
•
•
Configuring the Active Directory Server Using LDAP
The following example shows how to configure the Active Directory server on your ASA using LDAP:
hostname(config)# aaa-server AD protocol ldap
hostname(config-aaa-server-group)# aaa-server AD (inside) host 192.168.116.220
hostname(config-aaa-server-host)# ldap-base-dn DC=ASASCANLAB,DC=local
hostname(config-aaa-server-host)# ldap-scope subtree
hostname(config-aaa-server-host)# server-type microsoft
hostname(config-aaa-server-host)# server-port 389
hostname(config-aaa-server-host)# ldap-login-dn
cn=administrator,cn=Users,dc=asascanlab,dc=local
hostname(config-aaa-server-host)# ldap-login-password Password1