<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">Hi guys,<br>
I'm still waiting on an update from you if you like to include
those dictionary entries or change their name.<br>
<pre class="moz-signature" cols="72">Cheers, Alex</pre>
On 2013-02-27 17:20, Alexander Hartmaier wrote:<br>
</div>
<blockquote cite="mid:512E323A.6040100@t-systems.at" type="cite">
<pre wrap="">On 2013-02-27 15:10, Alexander Hartmaier wrote:
</pre>
<blockquote type="cite">
<pre wrap="">On 2013-02-26 22:35, Heikki Vatiainen wrote:
</pre>
<blockquote type="cite">
<pre wrap="">On 02/26/2013 07:04 PM, Alexander Hartmaier wrote:
</pre>
<blockquote type="cite">
<pre wrap="">After some googling I've found the answer to this question [1] asked on
this list in 2003 [2]
Seems Cisco ASAs, which where called PIX before, where called Altiga
before [3]
The current dictionary that ships with Radiator has the attributes up to
number 137.
The names in the Cisco ASA doc have some common attributes but also
changed and new ones.
I'd replace all Altiga definitions with Cisco-ASA- attributes with their
names from the table in [2] and submit it to the list for replacement in
the default dictionary, does that sound sane after 13 years?
</pre>
</blockquote>
<pre wrap="">Since the attributes are in use currently, the updated entries could be
shipped at least as a separate dictionary file for those who need to use
the latest definitions. I have also seen Altiga attributes used in
current Cisco VPN deployments, so I think it would be a good idea to
have the current definitions available too.
</pre>
</blockquote>
<pre wrap="">Yes, Cisco ASAs use the attributes defined in the document I've linked
which use the Altiga VSA (3076) and not the Cisco VSA (9).
I'd move the legacy Altiga VSAs into a separate dictionary file in the
goodies dir and put the current Cisco VSAs in the default dictionary file.
</pre>
<blockquote type="cite">
<pre wrap="">If you have the entries, it would be good to see them and then consider
what would be the best way to include them. If there are conflicting
entries, then care would be needed when considering how to add them.
Otherwise any users that may have equipment using them would have an
unfortunate surprise.
Thanks!
Heikki
</pre>
</blockquote>
<pre wrap="">After an hour or typing I came up with this:
VENDORATTR 3076 Cisco-VPN-Access-Hours
1 string
VENDORATTR 3076 Cisco-VPN-Simultaneous-Logins
2 integer
VENDORATTR 3076 Cisco-VPN-Primary-DNS
5 ipaddr
VENDORATTR 3076 Cisco-VPN-Secondary-DNS
6 ipaddr
VENDORATTR 3076 Cisco-VPN-Primary-WINS
7 ipaddr
VENDORATTR 3076 Cisco-VPN-Secondary-WINS
8 ipaddr
VENDORATTR 3076 Cisco-VPN-SEP-Card-Assignment
9 integer
VENDORATTR 3076 Cisco-VPN-Tunneling-Protocols
11 integer
VENDORATTR 3076 Cisco-VPN-IPsec-Sec-Association
12 string
VENDORATTR 3076 Cisco-VPN-IPsec-Authentication
13 string
VENDORATTR 3076 Cisco-VPN-Banner1
15 string
VENDORATTR 3076 Cisco-VPN-IPsec-Allow-Passwd-Store
16 integer
VENDORATTR 3076 Cisco-VPN-Use-Client-Address
17 integer
VENDORATTR 3076 Cisco-VPN-PPTP-Encryption
20 integer
VENDORATTR 3076 Cisco-VPN-L2TP-Encryption
21 integer
VENDORATTR 3076 Cisco-VPN-Group-Policy
25 string
VENDORATTR 3076 Cisco-VPN-IPsec-Split-Tunnel-List
27 string
VENDORATTR 3076 Cisco-VPN-IPsec-Default-Domain
28 string
VENDORATTR 3076 Cisco-VPN-IPsec-Split-DNS-Names
29 string
VENDORATTR 3076 Cisco-VPN-IPsec-Tunnel-Type
30 integer
VENDORATTR 3076 Cisco-VPN-IPsec-Mode-Config
31 integer
VENDORATTR 3076 Cisco-VPN-IPsec-User-Group-Lock
33 integer
VENDORATTR 3076 Cisco-VPN-IPsec-Over-UDP
34 integer
VENDORATTR 3076 Cisco-VPN-IPsec-Over-UDP-Port
35 integer
VENDORATTR 3076 Cisco-VPN-Banner2
36 string
VENDORATTR 3076 Cisco-VPN-PPTP-MPPC-Compression
37 integer
VENDORATTR 3076 Cisco-VPN-L2TP-MPPC-Compression
38 integer
VENDORATTR 3076 Cisco-VPN-IPsec-IP-Compression
39 integer
VENDORATTR 3076 Cisco-VPN-IPsec-IKE-Peer-ID-Check
40 integer
VENDORATTR 3076 Cisco-VPN-IKE-Keep-Alives
41 integer
VENDORATTR 3076 Cisco-VPN-IPsec-Auth-On-Rekey
42 integer
VENDORATTR 3076 Cisco-VPN-Required-Client-Firewall-Vendor-Code
45 integer
VENDORATTR 3076 Cisco-VPN-Required-Client-Firewall-Product-Code
46 integer
VENDORATTR 3076 Cisco-VPN-Required-Client-Firewall-Description
47 string
VENDORATTR 3076 Cisco-VPN-Require-HW-Client-Auth
48 integer
VENDORATTR 3076 Cisco-VPN-Required-Individual-User-Auth
49 integer
VENDORATTR 3076 Cisco-VPN-Authenticated-User-Idle-Timeout
50 integer
VENDORATTR 3076 Cisco-VPN-Cisco-IP-Phone-Bypass
51 integer
VENDORATTR 3076 Cisco-VPN-IPsec-Split-Tunneling-Policy
55 integer
VENDORATTR 3076 Cisco-VPN-IPsec-Required-Client-Firewall-Capability
56 integer
VENDORATTR 3076 Cisco-VPN-IPsec-Client-Firewall-Filter-Name
57 string
VENDORATTR 3076 Cisco-VPN-IPsec-Client-Firewall-Filter-Optional
58 integer
VENDORATTR 3076 Cisco-VPN-IPsec-Backup-Servers
59 string
VENDORATTR 3076 Cisco-VPN-IPsec-Backup-Server-List
60 string
VENDORATTR 3076 Cisco-VPN-DHCP-Network-Scope
61 string
VENDORATTR 3076 Cisco-VPN-Intercept-DHCP-Configure-Msg
62 integer
VENDORATTR 3076 Cisco-VPN-MS-Client-Subnet-Mask
63 integer
VENDORATTR 3076 Cisco-VPN-Allow-Network-Extension-Mode
64 integer
VENDORATTR 3076 Cisco-VPN-Authorization-Type
65 integer
VENDORATTR 3076 Cisco-VPN-Authorization-Required
66 integer
VENDORATTR 3076 Cisco-VPN-Authorization-DN-Field
67 string
VENDORATTR 3076 Cisco-VPN-IKE-KeepAlive-Confidence-Interval
68 integer
VENDORATTR 3076 Cisco-VPN-WebVPN-Content-Filter-Parameters
69 integer
VENDORATTR 3076 Cisco-VPN-WebVPN-URL-List
71 string
VENDORATTR 3076 Cisco-VPN-WebVPN-Port-Forward-List
72 string
VENDORATTR 3076 Cisco-VPN-WebVPN-Access-List
73 string
VENDORATTR 3076 Cisco-VPN-Cisco-LEAP-Bypass
75 integer
VENDORATTR 3076 Cisco-VPN-WebVPN-Homepage
76 string
VENDORATTR 3076 Cisco-VPN-Client-Type-Version-Limiting
77 string
VENDORATTR 3076 Cisco-VPN-WebVPN-Port-Forwarding-Name
79 string
VENDORATTR 3076 Cisco-VPN-IE-Proxy-Server
80 string
VENDORATTR 3076 Cisco-VPN-IE-Proxy-Server-Policy
81 integer
VENDORATTR 3076 Cisco-VPN-IE-Proxy-Exception-List
82 string
VENDORATTR 3076 Cisco-VPN-IE-Proxy-Bypass-Local
83 integer
VENDORATTR 3076 Cisco-VPN-IKE-Keepalive-Retry-Interval
84 integer
VENDORATTR 3076 Cisco-VPN-Tunnel-Group-Lock
85 string
VENDORATTR 3076 Cisco-VPN-Access-List-Inbound
86 string
VENDORATTR 3076 Cisco-VPN-Access-List-Outbound
87 string
VENDORATTR 3076 Cisco-VPN-Perfect-Forward-Secrecy-Enable
88 integer
VENDORATTR 3076 Cisco-VPN-NAC-Enable
89 integer
VENDORATTR 3076 Cisco-VPN-NAC-Status-Query-Timer
90 integer
VENDORATTR 3076 Cisco-VPN-NAC-Revalidation-Timer
91 integer
VENDORATTR 3076 Cisco-VPN-NAC-Default-ACL
92 string
VENDORATTR 3076 Cisco-VPN-WebVPN-URL-Entry-Enable
93 integer
VENDORATTR 3076 Cisco-VPN-WebVPN-File-Access-Enable
94 integer
VENDORATTR 3076 Cisco-VPN-WebVPN-File-Server-Entry-Enable
95 integer
VENDORATTR 3076 Cisco-VPN-WebVPN-File-Server-Browsing-Enable
96 integer
VENDORATTR 3076 Cisco-VPN-WebVPN-Port-Forwarding-Enable
97 integer
VENDORATTR 3076 Cisco-VPN-WebVPN-Outlook-Exchange-Proxy-Enable
98 integer
VENDORATTR 3076 Cisco-VPN-WebVPN-Port-Forwarding-HTTP-Proxy
99 integer
VENDORATTR 3076 Cisco-VPN-WebVPN-Auto-Applet-Download-Enable
100 integer
VENDORATTR 3076 Cisco-VPN-WebVPN-Citrix-Metaframe-Enable
101 integer
VENDORATTR 3076 Cisco-VPN-WebVPN-Apply-ACL
102 integer
VENDORATTR 3076 Cisco-VPN-WebVPN-SSL-VPN-Client-Enable
103 integer
VENDORATTR 3076 Cisco-VPN-WebVPN-SSL-VPN-Client-Required
104 integer
VENDORATTR 3076 Cisco-VPN-WebVPN-SSL-VPN-Client-Keep-Installation
105 integer
VENDORATTR 3076 Cisco-VPN-SVC-Keepalive
107 integer
VENDORATTR 3076 Cisco-VPN-SVC-DPD-Interval-Client
108 integer
VENDORATTR 3076 Cisco-VPN-SVC-DPD-Interval-Gateway
109 integer
VENDORATTR 3076 Cisco-VPN-SVC-Rekey-Time
110 integer
VENDORATTR 3076 Cisco-VPN-WebVPN-Deny-Message
116 string
VENDORATTR 3076 Cisco-VPN-Extended-Authentication-On-Rekey
122 integer
VENDORATTR 3076 Cisco-VPN-SVC-DTLS
123 integer
VENDORATTR 3076 Cisco-VPN-SVC-MTU
125 integer
VENDORATTR 3076 Cisco-VPN-SVC-Modules
127 string
VENDORATTR 3076 Cisco-VPN-SVC-Profiles
128 string
VENDORATTR 3076 Cisco-VPN-SVC-Ask
131 string
VENDORATTR 3076 Cisco-VPN-SVC-Ask-Timeout
132 integer
VENDORATTR 3076 Cisco-VPN-IE-Proxy-PAC-URL
133 string
VENDORATTR 3076 Cisco-VPN-Strip-Realm
135 integer
VENDORATTR 3076 Cisco-VPN-Smart-Tunnel
136 string
VENDORATTR 3076 Cisco-VPN-WebVPN-ActiveX-Relay
137 integer
VENDORATTR 3076 Cisco-VPN-Smart-Tunnel-Auto
138 integer
VENDORATTR 3076 Cisco-VPN-Smart-Tunnel-Auto-Signon-Enable
139 string
VENDORATTR 3076 Cisco-VPN-VLAN
140 integer
VENDORATTR 3076 Cisco-VPN-NAC-Settings
141 string
VENDORATTR 3076 Cisco-VPN-Member-Of
145 string
VENDORATTR 3076 Cisco-VPN-Tunnel-Group-Name
146 string
VENDORATTR 3076 Cisco-VPN-Client-Type
150 integer
VENDORATTR 3076 Cisco-VPN-Session-Type
151 integer
VENDORATTR 3076 Cisco-VPN-Session-Subtype
152 integer
VENDORATTR 3076 Cisco-VPN-Address-Pools
217 string
VENDORATTR 3076 Cisco-VPN-IPv6-Address-Pools
218 string
VENDORATTR 3076 Cisco-VPN-IPv6-VPN-Filter
219 string
VENDORATTR 3076 Cisco-VPN-Privilege-Level
220 integer
VENDORATTR 3076 Cisco-VPN-WebVPN-Macro-Value1
223 string
VENDORATTR 3076 Cisco-VPN-WebVPN-Macro-Value2
224 string
I've changed Cisco-ASA- to Cisco-VPN- because they are also used by the
old VPN3000 concentrators and the old PIXen.
If you agree with the naming (straight from the Cisco docs) I'll also
add the individual values for each attribute (that will be another 500
lines or so).
</pre>
</blockquote>
<pre wrap="">
The ASA 9.0 docs have even more attributes:
<a class="moz-txt-link-freetext" href="http://www.cisco.com/en/US/docs/security/asa/asa90/configuration/guide/ref_extserver.html#wp1822360">http://www.cisco.com/en/US/docs/security/asa/asa90/configuration/guide/ref_extserver.html#wp1822360</a>
I've copied the table into libreoffice, sorted it by attribute number
(the 9.0 docs have it sorted by name) and saved it as csv which I've
read with a Perl script that transforms it into Radiator dictionary format:
VENDORATTR 3076
Cisco-VPN-Access-Hours 1 string
VENDORATTR 3076
Cisco-VPN-Simultaneous-Logins 2 integer
VENDORATTR 3076
Cisco-VPN-Primary-DNS 5 ipaddr
VENDORATTR 3076
Cisco-VPN-Secondary-DNS 6 ipaddr
VENDORATTR 3076
Cisco-VPN-Primary-WINS 7 ipaddr
VENDORATTR 3076
Cisco-VPN-Secondary-WINS 8 ipaddr
VENDORATTR 3076
Cisco-VPN-SEP-Card-Assignment 9 integer
VENDORATTR 3076
Cisco-VPN-Tunneling-Protocols 11 integer
VENDORATTR 3076
Cisco-VPN-IPsec-Sec-Association 12 string
VENDORATTR 3076
Cisco-VPN-IPsec-Authentication 13 integer
VENDORATTR 3076
Cisco-VPN-Banner1 15 string
VENDORATTR 3076
Cisco-VPN-IPsec-Allow-Passwd-Store 16 integer
VENDORATTR 3076
Cisco-VPN-Use-Client-Address 17 integer
VENDORATTR 3076
Cisco-VPN-PPTP-Encryption 20 integer
VENDORATTR 3076
Cisco-VPN-L2TP-Encryption 21 integer
VENDORATTR 3076
Cisco-VPN-Group-Policy 25 string
VENDORATTR 3076
Cisco-VPN-IPsec-Split-Tunnel-List 27 string
VENDORATTR 3076
Cisco-VPN-IPsec-Default-Domain 28 string
VENDORATTR 3076
Cisco-VPN-IPsec-Split-DNS-Names 29 string
VENDORATTR 3076
Cisco-VPN-IPsec-Tunnel-Type 30 integer
VENDORATTR 3076
Cisco-VPN-IPsec-Mode-Config 31 integer
VENDORATTR 3076
Cisco-VPN-IPsec-User-Group-Lock 33 integer
VENDORATTR 3076
Cisco-VPN-IPsec-Over-UDP 34 integer
VENDORATTR 3076
Cisco-VPN-IPsec-Over-UDP-Port 35 integer
VENDORATTR 3076
Cisco-VPN-Banner2 36 string
VENDORATTR 3076
Cisco-VPN-PPTP-MPPC-Compression 37 integer
VENDORATTR 3076
Cisco-VPN-L2TP-MPPC-Compression 38 integer
VENDORATTR 3076
Cisco-VPN-IPsec-IP-Compression 39 integer
VENDORATTR 3076
Cisco-VPN-IPsec-IKE-Peer-ID-Check 40 integer
VENDORATTR 3076
Cisco-VPN-IKE-Keep-Alives 41 integer
VENDORATTR 3076
Cisco-VPN-IPsec-Auth-On-Rekey 42 integer
VENDORATTR 3076
Cisco-VPN-Required-Client--Firewall-Vendor-Code 45 integer
VENDORATTR 3076
Cisco-VPN-Required-Client-Firewall-Product-Code 46 integer
VENDORATTR 3076
Cisco-VPN-Required-Client-Firewall-Description 47 string
VENDORATTR 3076
Cisco-VPN-Require-HW-Client-Auth 48 integer
VENDORATTR 3076
Cisco-VPN-Required-Individual-User-Auth 49 integer
VENDORATTR 3076
Cisco-VPN-Authenticated-User-Idle-Timeout 50 integer
VENDORATTR 3076
Cisco-VPN-Cisco-IP-Phone-Bypass 51 integer
VENDORATTR 3076
Cisco-VPN-IPsec-Split-Tunneling-Policy 55 integer
VENDORATTR 3076
Cisco-VPN-IPsec-Required-Client-Firewall-Capability 56 integer
VENDORATTR 3076
Cisco-VPN-IPsec-Client-Firewall-Filter-Name 57 string
VENDORATTR 3076
Cisco-VPN-IPsec-Client-Firewall-Filter-Optional 58 integer
VENDORATTR 3076
Cisco-VPN-IPsec-Backup-Servers 59 string
VENDORATTR 3076
Cisco-VPN-IPsec-Backup-Server-List 60 string
VENDORATTR 3076
Cisco-VPN-DHCP-Network-Scope 61 string
VENDORATTR 3076
Cisco-VPN-Intercept-DHCP-Configure-Msg 62 integer
VENDORATTR 3076
Cisco-VPN-MS-Client-Subnet-Mask 63 ipaddr
VENDORATTR 3076
Cisco-VPN-Allow-Network-Extension-Mode 64 integer
VENDORATTR 3076
Cisco-VPN-Authorization-Type 65 integer
VENDORATTR 3076
Cisco-VPN-Authorization-Required 66 integer
VENDORATTR 3076
Cisco-VPN-Authorization-DN-Field 67 string
VENDORATTR 3076
Cisco-VPN-IKE-KeepAlive-Confidence-Interval 68 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-Content-Filter-Parameters 69 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-HTML-Filter 69 bitmap
VENDORATTR 3076
Cisco-VPN-WebVPN-URL-List 71 string
VENDORATTR 3076
Cisco-VPN-WebVPN-Port-Forwarding-List 72 string
VENDORATTR 3076
Cisco-VPN-WebVPN-Access-List 73 string
VENDORATTR 3076
Cisco-VPN-WebVPN-ACL 73 string
VENDORATTR 3076
Cisco-VPN-WebVPN-HTTP-Proxy-IP-Address 74 string
VENDORATTR 3076
Cisco-VPN-Cisco-LEAP-Bypass 75 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-Default-Homepage 76 string
VENDORATTR 3076
Cisco-VPN-Client-Type-Version-Limiting 77 string
VENDORATTR 3076
Cisco-VPN-WebVPN-Group-based-HTTP-HTTPS-Proxy-Exception-List 78 string
VENDORATTR 3076
Cisco-VPN-WebVPN-Port-Forwarding-Name 79 string
VENDORATTR 3076
Cisco-VPN-IE-Proxy-Server 80 ipaddr
VENDORATTR 3076
Cisco-VPN-IE-Proxy-Server-Policy 81 integer
VENDORATTR 3076
Cisco-VPN-IE-Proxy-Exception-List 82 string
VENDORATTR 3076
Cisco-VPN-IE-Proxy-Bypass-Local 83 integer
VENDORATTR 3076
Cisco-VPN-IKE-Keepalive-Retry-Interval 84 integer
VENDORATTR 3076
Cisco-VPN-Tunnel-Group-Lock 85 string
VENDORATTR 3076
Cisco-VPN-Access-List-Inbound 86 string
VENDORATTR 3076
Cisco-VPN-Access-List-Outbound 87 string
VENDORATTR 3076
Cisco-VPN-Perfect-Forward-Secrecy-Enable 88 integer
VENDORATTR 3076
Cisco-VPN-NAC-Enable 89 integer
VENDORATTR 3076
Cisco-VPN-NAC-Status-Query-Timer 90 integer
VENDORATTR 3076
Cisco-VPN-NAC-Revalidation-Timer 91 integer
VENDORATTR 3076
Cisco-VPN-NAC-Default-ACL 92 string
VENDORATTR 3076
Cisco-VPN-WebVPN-URL-Entry-Enable 93 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-File-Access-Enable 94 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-File-Server-Entry-Enable 95 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-File-Server-Browsing-Enable 96 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-Port-Forwarding-Enable 97 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-Port-Forwarding-Exchange-Proxy-Enable 98 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-Port-Forwarding-HTTP-Proxy 99 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-Citrix-Metaframe-Enable 101 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-Apply-ACL 102 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-SSL-VPN-Client-Enable 103 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-SSL-VPN-Client-Required 104 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-SSL-VPN-Client-Keep--Installation 105 integer
VENDORATTR 3076
Cisco-VPN-SVC-Keepalive 107 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-SVC-Keepalive-Frequency 107 integer
VENDORATTR 3076
Cisco-VPN-SVC-DPD-Interval-Client 108 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-SVC-Client-DPD-Frequency 108 integer
VENDORATTR 3076
Cisco-VPN-SVC-DPD-Interval-Gateway 109 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-SVC-Gateway-DPD-Frequency 109 integer
VENDORATTR 3076
Cisco-VPN-SVC-Rekey-Time 110 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-SVC-Rekey-Time 110 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-SVC-Rekey-Method 111 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-SVC-Compression 112 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-Customization 113 string
VENDORATTR 3076
Cisco-VPN-WebVPN-SSO-Server-Name 114 string
VENDORATTR 3076
Cisco-VPN-WebVPN-Deny-Message 116 string
VENDORATTR 3076
Cisco-VPN-WebVPN-HTTP-Compression 120 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-Keepalive-Ignore 121 integer
VENDORATTR 3076
Cisco-VPN-Extended-Authentication-On-Rekey 122 integer
VENDORATTR 3076
Cisco-VPN-SVC-DTLS 123 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-SVC-DTLS-Enable 123 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-Auto-HTTP-Signon 124 string
VENDORATTR 3076
Cisco-VPN-SVC-MTU 125 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-SVC-DTLS-MTU 125 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-Hidden-Shares 126 integer
VENDORATTR 3076
Cisco-VPN-SVC-Modules 127 string
VENDORATTR 3076
Cisco-VPN-SVC-Profiles 128 string
VENDORATTR 3076
Cisco-VPN-SVC-Ask 131 string
VENDORATTR 3076
Cisco-VPN-SVC-Ask-Timeout 132 integer
VENDORATTR 3076
Cisco-VPN-IE-Proxy-PAC-URL 133 string
VENDORATTR 3076
Cisco-VPN-Strip-Realm 135 integer
VENDORATTR 3076
Cisco-VPN-Smart-Tunnel 136 string
VENDORATTR 3076
Cisco-VPN-WebVPN-Smart-Tunnel 136 string
VENDORATTR 3076
Cisco-VPN-WebVPN-ActiveX-Relay 137 integer
VENDORATTR 3076
Cisco-VPN-Smart-Tunnel-Auto 138 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-Smart-Tunnel-Auto-Start 138 integer
VENDORATTR 3076
Cisco-VPN-Smart-Tunnel-Auto-Signon-Enable 139 string
VENDORATTR 3076
Cisco-VPN-WebVPN-Smart-Tunnel-Auto-Sign-On 139 string
VENDORATTR 3076
Cisco-VPN-VLAN 140 integer
VENDORATTR 3076
Cisco-VPN-NAC-Settings 141 string
VENDORATTR 3076
Cisco-VPN-Member-Of 145 string
VENDORATTR 3076
Cisco-VPN-Tunnel-Group-Name 146 string
VENDORATTR 3076
Cisco-VPN-WebVPN-Idle-Timeout-Alert-Interval 148 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-Session-Timeout-Alert-Interval 149 integer
VENDORATTR 3076
Cisco-VPN-Client-Type 150 integer
VENDORATTR 3076
Cisco-VPN-Session-Type 151 integer
VENDORATTR 3076
Cisco-VPN-Session-Subtype 152 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-Download-Max-Size 157 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-Upload-Max-Size 158 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-Post-Max-Size 159 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-User-Storage 160 string
VENDORATTR 3076
Cisco-VPN-WebVPN-Storage-Objects 161 string
VENDORATTR 3076
Cisco-VPN-WebVPN-Storage-Key 162 string
VENDORATTR 3076
Cisco-VPN-WebVPN-VDI 163 string
VENDORATTR 3076
Cisco-VPN-Address-Pools 217 string
VENDORATTR 3076
Cisco-VPN-IPv6-Address-Pools 218 string
VENDORATTR 3076
Cisco-VPN-IPv6-VPN-Filter 219 string
VENDORATTR 3076
Cisco-VPN-Privilege-Level 220 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-UNIX-User-ID 221 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-UNIX-Group-ID 222 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-Macro-Substitution 223 string
VENDORATTR 3076
Cisco-VPN-WebVPN-Macro-Substitution 224 string
VENDORATTR 3076
Cisco-VPN-WebVPN-Smart-Card-Removal-Disconnect 225 integer
VENDORATTR 3076
Cisco-VPN-WebVPN-Smart-Tunnel-Tunnel-Policy 227 string
VENDORATTR 3076
Cisco-VPN-WebVPN-Home-Page-Use-Smart-Tunnel 228 integer
VALUE Cisco-VPN-Tunneling-Protocols
PPTP 1
VALUE Cisco-VPN-Tunneling-Protocols
L2TP 2
VALUE Cisco-VPN-Tunneling-Protocols
IPSec 4
VALUE Cisco-VPN-Tunneling-Protocols
L2TP-IPSec 8
VALUE Cisco-VPN-IPsec-Authentication
None 0
VALUE Cisco-VPN-IPsec-Authentication
RADIUS 1
VALUE Cisco-VPN-IPsec-Authentication
LDAP 2
VALUE Cisco-VPN-IPsec-Authentication
NT-Domain 3
VALUE Cisco-VPN-IPsec-Authentication
SDI 4
VALUE Cisco-VPN-IPsec-Authentication
Internal 5
VALUE Cisco-VPN-IPsec-Authentication
RADIUS-with-Expiry 6
VALUE Cisco-VPN-IPsec-Authentication
Kerberos-Active-Directory 7
VALUE Cisco-VPN-IPsec-Allow-Passwd-Store
Disabled 0
VALUE Cisco-VPN-IPsec-Allow-Passwd-Store
Enabled 1
VALUE Cisco-VPN-Use-Client-Address
Disabled 0
VALUE Cisco-VPN-Use-Client-Address
Enabled 1
VALUE Cisco-VPN-PPTP-Encryption
Encryption-required 1
VALUE Cisco-VPN-PPTP-Encryption
40-bits 2
VALUE Cisco-VPN-PPTP-Encryption
128-bits 4
VALUE Cisco-VPN-PPTP-Encryption
Stateless-Required 8
VALUE Cisco-VPN-L2TP-Encryption
Encryption-required 1
VALUE Cisco-VPN-L2TP-Encryption
40-bits 2
VALUE Cisco-VPN-L2TP-Encryption
128-bits 4
VALUE Cisco-VPN-L2TP-Encryption
Stateless-Req 8
VALUE Cisco-VPN-IPsec-Tunnel-Type
LAN-to-LAN 1
VALUE Cisco-VPN-IPsec-Tunnel-Type
Remote-access 2
VALUE Cisco-VPN-IPsec-Mode-Config
Disabled 0
VALUE Cisco-VPN-IPsec-Mode-Config
Enabled 1
VALUE Cisco-VPN-IPsec-User-Group-Lock
Disabled 0
VALUE Cisco-VPN-IPsec-User-Group-Lock
Enabled 1
VALUE Cisco-VPN-IPsec-Over-UDP
Disabled 0
VALUE Cisco-VPN-IPsec-Over-UDP
Enabled 1
VALUE Cisco-VPN-PPTP-MPPC-Compression
Disabled 0
VALUE Cisco-VPN-PPTP-MPPC-Compression
Enabled 1
VALUE Cisco-VPN-L2TP-MPPC-Compression
Disabled 0
VALUE Cisco-VPN-L2TP-MPPC-Compression
Enabled 1
VALUE Cisco-VPN-IPsec-IP-Compression
Disabled 0
VALUE Cisco-VPN-IPsec-IP-Compression
Enabled 1
VALUE Cisco-VPN-IPsec-IKE-Peer-ID-Check
Required 1
VALUE Cisco-VPN-IPsec-IKE-Peer-ID-Check
If-supported-by-peer-certificate 2
VALUE Cisco-VPN-IPsec-IKE-Peer-ID-Check
Do-not-check 3
VALUE Cisco-VPN-IKE-Keep-Alives
Disabled 0
VALUE Cisco-VPN-IKE-Keep-Alives
Enabled 1
VALUE Cisco-VPN-IPsec-Auth-On-Rekey
Disabled 0
VALUE Cisco-VPN-IPsec-Auth-On-Rekey
Enabled 1
VALUE Cisco-VPN-Required-Client--Firewall-Vendor-Code
Cisco-Systems 1
VALUE Cisco-VPN-Required-Client--Firewall-Vendor-Code
Zone-Labs 2
VALUE Cisco-VPN-Required-Client--Firewall-Vendor-Code
NetworkICE 3
VALUE Cisco-VPN-Required-Client--Firewall-Vendor-Code
Sygate 4
VALUE Cisco-VPN-Required-Client--Firewall-Vendor-Code
Cisco-Systems 5
VALUE Cisco-VPN-Required-Client-Firewall-Product-Code
Cisco-Intrusion-Prevention-Security-Agent-or-Cisco-Integrated-Client 1
VALUE Cisco-VPN-Required-Client-Firewall-Product-Code
Zone-Alarm 1
VALUE Cisco-VPN-Required-Client-Firewall-Product-Code
Zone-AlarmPro 2
VALUE Cisco-VPN-Required-Client-Firewall-Product-Code
Zone-Labs-Integrity 3
VALUE Cisco-VPN-Required-Client-Firewall-Product-Code
BlackIce-Defender-Agent 1
VALUE Cisco-VPN-Required-Client-Firewall-Product-Code
Personal-Firewall 1
VALUE Cisco-VPN-Required-Client-Firewall-Product-Code
Personal-Firewall-Pro 2
VALUE Cisco-VPN-Required-Client-Firewall-Product-Code
Security-Agent 3
VALUE Cisco-VPN-Require-HW-Client-Auth
Disabled 0
VALUE Cisco-VPN-Require-HW-Client-Auth
Enabled 1
VALUE Cisco-VPN-Required-Individual-User-Auth
Disabled 0
VALUE Cisco-VPN-Required-Individual-User-Auth
Enabled 1
VALUE Cisco-VPN-Cisco-IP-Phone-Bypass
Disabled 0
VALUE Cisco-VPN-Cisco-IP-Phone-Bypass
Enabled 1
VALUE Cisco-VPN-IPsec-Split-Tunneling-Policy
No-split-tunneling 0
VALUE Cisco-VPN-IPsec-Split-Tunneling-Policy
Split-tunneling 1
VALUE Cisco-VPN-IPsec-Split-Tunneling-Policy
Local-LAN-permitted 2
VALUE Cisco-VPN-IPsec-Required-Client-Firewall-Capability
None 0
VALUE Cisco-VPN-IPsec-Required-Client-Firewall-Capability
Policy-defined-by-remote-FW-Are-You-There 1
VALUE Cisco-VPN-IPsec-Required-Client-Firewall-Capability
Policy-pushed-CPP 2
VALUE Cisco-VPN-IPsec-Required-Client-Firewall-Capability
Policy-from-server 4
VALUE Cisco-VPN-IPsec-Client-Firewall-Filter-Optional
Required 0
VALUE Cisco-VPN-IPsec-Client-Firewall-Filter-Optional
Optional 1
VALUE Cisco-VPN-IPsec-Backup-Servers
Use-Client-Configured-list 1
VALUE Cisco-VPN-IPsec-Backup-Servers
Disable-and-clear-client-list 2
VALUE Cisco-VPN-IPsec-Backup-Servers
Use-Backup-Server-list 3
VALUE Cisco-VPN-Intercept-DHCP-Configure-Msg
Disabled 0
VALUE Cisco-VPN-Intercept-DHCP-Configure-Msg
Enabled 1
VALUE Cisco-VPN-Allow-Network-Extension-Mode
Disabled 0
VALUE Cisco-VPN-Allow-Network-Extension-Mode
Enabled 1
VALUE Cisco-VPN-Authorization-Type
None 0
VALUE Cisco-VPN-Authorization-Type
RADIUS 1
VALUE Cisco-VPN-Authorization-Type
LDAP 2
VALUE Cisco-VPN-Authorization-Required
No 0
VALUE Cisco-VPN-Authorization-Required
Yes 1
VALUE Cisco-VPN-WebVPN-Content-Filter-Parameters
Java-ActiveX 1
VALUE Cisco-VPN-WebVPN-Content-Filter-Parameters
Java-Script 2
VALUE Cisco-VPN-WebVPN-Content-Filter-Parameters
Image 4
VALUE Cisco-VPN-WebVPN-Content-Filter-Parameters
Cookies-in-images 8
VALUE Cisco-VPN-WebVPN-HTML-Filter
Java-ActiveX 1
VALUE Cisco-VPN-WebVPN-HTML-Filter
Scripts 2
VALUE Cisco-VPN-WebVPN-HTML-Filter
Image 4
VALUE Cisco-VPN-WebVPN-HTML-Filter
Cookies 8
VALUE Cisco-VPN-Cisco-LEAP-Bypass
Disabled 0
VALUE Cisco-VPN-Cisco-LEAP-Bypass
Enabled 1
VALUE Cisco-VPN-IE-Proxy-Server-Policy
No-Modify 1
VALUE Cisco-VPN-IE-Proxy-Server-Policy
No-Proxy 2
VALUE Cisco-VPN-IE-Proxy-Server-Policy
Auto-detect 3
VALUE Cisco-VPN-IE-Proxy-Server-Policy
Use-Concentrator-Setting 4
VALUE Cisco-VPN-IE-Proxy-Bypass-Local
None 0
VALUE Cisco-VPN-IE-Proxy-Bypass-Local
Local 1
VALUE Cisco-VPN-Perfect-Forward-Secrecy-Enable
No 0
VALUE Cisco-VPN-Perfect-Forward-Secrecy-Enable
Yes 1
VALUE Cisco-VPN-NAC-Enable
No 0
VALUE Cisco-VPN-NAC-Enable
Yes 1
VALUE Cisco-VPN-WebVPN-URL-Entry-Enable
Disabled 0
VALUE Cisco-VPN-WebVPN-URL-Entry-Enable
Enabled 1
VALUE Cisco-VPN-WebVPN-File-Access-Enable
Disabled 0
VALUE Cisco-VPN-WebVPN-File-Access-Enable
Enabled 1
VALUE Cisco-VPN-WebVPN-File-Server-Entry-Enable
Disabled 0
VALUE Cisco-VPN-WebVPN-File-Server-Entry-Enable
Enabled 1
VALUE Cisco-VPN-WebVPN-File-Server-Browsing-Enable
Disabled 0
VALUE Cisco-VPN-WebVPN-File-Server-Browsing-Enable
Enabled 1
VALUE Cisco-VPN-WebVPN-Port-Forwarding-Enable
Disabled 0
VALUE Cisco-VPN-WebVPN-Port-Forwarding-Enable
Enabled 1
VALUE Cisco-VPN-WebVPN-Port-Forwarding-Exchange-Proxy-Enable
Disabled 0
VALUE Cisco-VPN-WebVPN-Port-Forwarding-Exchange-Proxy-Enable
Enabled 1
VALUE Cisco-VPN-WebVPN-Port-Forwarding-HTTP-Proxy
Disabled 0
VALUE Cisco-VPN-WebVPN-Port-Forwarding-HTTP-Proxy
Enabled 1
VALUE Cisco-VPN-WebVPN-Citrix-Metaframe-Enable
Disabled 0
VALUE Cisco-VPN-WebVPN-Citrix-Metaframe-Enable
Enabled 1
VALUE Cisco-VPN-WebVPN-Apply-ACL
Disabled 0
VALUE Cisco-VPN-WebVPN-Apply-ACL
Enabled 1
VALUE Cisco-VPN-WebVPN-SSL-VPN-Client-Enable
Disabled 0
VALUE Cisco-VPN-WebVPN-SSL-VPN-Client-Enable
Enabled 1
VALUE Cisco-VPN-WebVPN-SSL-VPN-Client-Required
Disabled 0
VALUE Cisco-VPN-WebVPN-SSL-VPN-Client-Required
Enabled 1
VALUE Cisco-VPN-WebVPN-SSL-VPN-Client-Keep--Installation
Disabled 0
VALUE Cisco-VPN-WebVPN-SSL-VPN-Client-Keep--Installation
Enabled 1
VALUE Cisco-VPN-WebVPN-HTTP-Compression
Off 0
VALUE Cisco-VPN-WebVPN-HTTP-Compression
Deflate-Compression 1
VALUE Cisco-VPN-Extended-Authentication-On-Rekey
Disabled 0
VALUE Cisco-VPN-Extended-Authentication-On-Rekey
Enabled 1
VALUE Cisco-VPN-SVC-DTLS
False 0
VALUE Cisco-VPN-SVC-DTLS
True 1
VALUE Cisco-VPN-WebVPN-SVC-DTLS-Enable
Disabled 0
VALUE Cisco-VPN-WebVPN-SVC-DTLS-Enable
Enabled 1
VALUE Cisco-VPN-WebVPN-Hidden-Shares
None 0
VALUE Cisco-VPN-WebVPN-Hidden-Shares
Visible 1
VALUE Cisco-VPN-SVC-Ask
Disabled 0
VALUE Cisco-VPN-SVC-Ask
Enabled 1
VALUE Cisco-VPN-SVC-Ask
Enable-default-service 3
VALUE Cisco-VPN-SVC-Ask
Enable-default-clientless 5
VALUE Cisco-VPN-Strip-Realm
Disabled 0
VALUE Cisco-VPN-Strip-Realm
Enabled 1
VALUE Cisco-VPN-Smart-Tunnel-Auto
Disabled 0
VALUE Cisco-VPN-Smart-Tunnel-Auto
Enabled 1
VALUE Cisco-VPN-Smart-Tunnel-Auto
AutoStart 2
VALUE Cisco-VPN-WebVPN-Smart-Tunnel-Auto-Start
Disabled 0
VALUE Cisco-VPN-WebVPN-Smart-Tunnel-Auto-Start
Enabled 1
VALUE Cisco-VPN-WebVPN-Smart-Tunnel-Auto-Start
Auto-Start 2
VALUE Cisco-VPN-Client-Type
Cisco-VPN-Client 1
VALUE Cisco-VPN-Client-Type
AnyConnect-Client-SSL-VPN 2
VALUE Cisco-VPN-Client-Type
Clientless-SSL-VPN 3
VALUE Cisco-VPN-Client-Type
Cut-Through-Proxy 4
VALUE Cisco-VPN-Client-Type
L2TP-IPsec-SSL-VPN 5
VALUE Cisco-VPN-Client-Type
AnyConnect-Client-IPsec-VPN 6
VALUE Cisco-VPN-Session-Type
None 0
VALUE Cisco-VPN-Session-Type
AnyConnect-Client-SSL-VPN 1
VALUE Cisco-VPN-Session-Type
AnyConnect-Client-IPSec-VPN 2
VALUE Cisco-VPN-Session-Type
Clientless-SSL-VPN 3
VALUE Cisco-VPN-Session-Type
Clientless-Email-Proxy 4
VALUE Cisco-VPN-Session-Type
Cisco-VPN-Client 5
VALUE Cisco-VPN-Session-Type
IKEv1-LAN-LAN 6
VALUE Cisco-VPN-Session-Type
IKEv2-LAN-LAN 7
VALUE Cisco-VPN-Session-Type
VPN-Load-Balancing 8
VALUE Cisco-VPN-Session-Subtype
None 0
VALUE Cisco-VPN-Session-Subtype
Clientless 1
VALUE Cisco-VPN-Session-Subtype
Client 2
VALUE Cisco-VPN-Session-Subtype
Client-Only 3
VALUE Cisco-VPN-WebVPN-Smart-Card-Removal-Disconnect
Disabled 0
VALUE Cisco-VPN-WebVPN-Smart-Card-Removal-Disconnect
Enabled 1
</pre>
<blockquote type="cite">
<pre wrap="">
</pre>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">[1]
<a class="moz-txt-link-freetext" href="http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0CDIQFjAA&url=http%3A%2F%2Fwww.open.com.au%2Fpipermail%2Fradiator%2F2003-October%2F008053.html&ei=LOksUebXOsvRsgaPpoDQCw&usg=AFQjCNGveQ6v-u4hYtw6RZA5hP8FD_TlUg&sig2=7pknyx-Cqi079pJBCP_SqA&bvm=bv.42965579,d.Yms&cad=rja">http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0CDIQFjAA&url=http%3A%2F%2Fwww.open.com.au%2Fpipermail%2Fradiator%2F2003-October%2F008053.html&ei=LOksUebXOsvRsgaPpoDQCw&usg=AFQjCNGveQ6v-u4hYtw6RZA5hP8FD_TlUg&sig2=7pknyx-Cqi079pJBCP_SqA&bvm=bv.42965579,d.Yms&cad=rja</a>
[2]
<a class="moz-txt-link-freetext" href="http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/ref_extserver.html#wp1753749">http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/ref_extserver.html#wp1753749</a>
[3] <a class="moz-txt-link-freetext" href="http://www.networkworld.com/news/2000/0119cistiga.html">http://www.networkworld.com/news/2000/0119cistiga.html</a>
--
Best regards, Alex
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien
Handelsgericht Wien, FN 79340b
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
Notice: This e-mail contains information that is confidential and may be privileged.
If you are not the intended recipient, please notify the sender and then
delete this e-mail immediately.
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
_______________________________________________
radiator mailing list
<a class="moz-txt-link-abbreviated" href="mailto:radiator@open.com.au">radiator@open.com.au</a>
<a class="moz-txt-link-freetext" href="http://www.open.com.au/mailman/listinfo/radiator">http://www.open.com.au/mailman/listinfo/radiator</a>
</pre>
</blockquote>
</blockquote>
<pre wrap="">_______________________________________________
radiator mailing list
<a class="moz-txt-link-abbreviated" href="mailto:radiator@open.com.au">radiator@open.com.au</a>
<a class="moz-txt-link-freetext" href="http://www.open.com.au/mailman/listinfo/radiator">http://www.open.com.au/mailman/listinfo/radiator</a>
</pre>
</blockquote>
<pre wrap="">
</pre>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
radiator mailing list
<a class="moz-txt-link-abbreviated" href="mailto:radiator@open.com.au">radiator@open.com.au</a>
<a class="moz-txt-link-freetext" href="http://www.open.com.au/mailman/listinfo/radiator">http://www.open.com.au/mailman/listinfo/radiator</a></pre>
</blockquote>
<br>
</body>
</html>