Cisco Cisco ASA for Nexus 1000V Series Switch Manual Técnica

The information in this document is based on Next−Generation Firewall with on−box PRSM management,
Version 9.2.1.2(52).

Note: This document assumes that authentication and user and group policies will be performed using a
Microsoft Active Directory Domain Controller.

The information in this document was created from the devices in a specific lab environment. All of the
devices used in this document started with a cleared (default) configuration. If your network is live, make sure
that you understand the potential impact of any command.

This document describes two types of configurations, which are the Realm Configuration and the Directory
Configuration.

The Realm is a container in which authentication servers are placed. For more information on Directory
Realms, see the Overview of Directory Realms section of the User Guide for ASA CX and Cisco Prime
Security Manager 9.2.

In PRSM Version 9.2, choose Configurations > Directory Realm.

Note: The Primary Domain should be lowercase due to Cisco bug ID CSCum53396 − ASA CX doesn't handle
case sensitivity for domain names correctly.

Within the configured Realm, a Directory must be created that represents the LDAP server (the Active
Directory server).

The 'User search base' and 'Group search base' must be correctly configured based upon the specific Active
Directory structure, or the user−based and group−based policies might fail. Refer to the information in this
section in order to determine the appropriate values for these fields in your environment.