Skip to content
Was this article helpful?

aaa parameter

The following operations can be performed on "aaa parameter":

set | unset | show

set aaa parameter

Sets the global AAA configuration. Any configuration settings made at this level overrides configuration settings for the authentication server.

Synopsys

set aaa parameter [-enableStaticPageCaching ( YES | NO )] [-enableEnhancedAuthFeedback ( YES | NO )] [-defaultAuthType <defaultAuthType>] [-maxAAAUsers <positive_integer>] [-maxLoginAttempts <positive_integer> [-failedLoginTimeout <mins>]] [-aaadnatIp <ip_addr|*>] [-enableSessionStickiness ( YES | NO )] [-aaaSessionLoglevel <aaaSessionLoglevel>] [-aaadLoglevel <aaadLoglevel>] [-dynAddr ( ON | OFF )] [-ftMode <ftMode>]

Arguments

enableStaticPageCaching

The default state of VPN Static Page caching. If nothing is specified, the default value is set to YES.

Possible values: YES, NO

Default value: YES

enableEnhancedAuthFeedback

Enhanced auth feedback provides more information to the end user about the reason for an authentication failure. The default value is set to NO.

Possible values: YES, NO

Default value: NO

defaultAuthType

The default authentication server type.

Possible values: LOCAL, LDAP, RADIUS, TACACS, CERT

Default value: LOCAL

maxAAAUsers

Maximum number of concurrent users allowed to log on to VPN simultaneously.

Minimum value: 1

maxLoginAttempts

Maximum Number of login Attempts

Minimum value: 1

failedLoginTimeout

Number of minutes an account will be locked if user exceeds maximum permissible attempts

Minimum value: 1

aaadnatIp

Source IP address to use for traffic that is sent to the authentication server.

enableSessionStickiness

Enables/Disables stickiness to authentication servers

Possible values: YES, NO

Default value: NO

aaaSessionLoglevel

Audit log level, which specifies the types of events to log for cli executed commands.

Available values function as follows:

  • EMERGENCY - Events that indicate an immediate crisis on the server.

  • ALERT - Events that might require action.

  • CRITICAL - Events that indicate an imminent server crisis.

  • ERROR - Events that indicate some type of error.

  • WARNING - Events that require action in the near future.

  • NOTICE - Events that the administrator should know about.

  • INFORMATIONAL - All but low-level events.

  • DEBUG - All events, in extreme detail.

Possible values: EMERGENCY, ALERT, CRITICAL, ERROR, WARNING, NOTICE, INFORMATIONAL, DEBUG

Default value: DEFAULT_LOGLEVEL_AAA

aaadLoglevel

AAAD log level, which specifies the types of AAAD events to log in nsvpn.log.

Available values function as follows:

  • EMERGENCY - Events that indicate an immediate crisis on the server.

  • ALERT - Events that might require action.

  • CRITICAL - Events that indicate an imminent server crisis.

  • ERROR - Events that indicate some type of error.

  • WARNING - Events that require action in the near future.

  • NOTICE - Events that the administrator should know about.

  • INFORMATIONAL - All but low-level events.

  • DEBUG - All events, in extreme detail.

Possible values: EMERGENCY, ALERT, CRITICAL, ERROR, WARNING, NOTICE, INFORMATIONAL, DEBUG

Default value: INFORMATIONAL

dynAddr

Set by the DHCP client when the IP address was fetched dynamically.

Possible values: ON, OFF

Default value: OFF

ftMode

First time user mode determines which configuration options are shown by default when logging in to the GUI. This setting is controlled by the GUI.

Possible values: ON, HA, OFF

Default value: ON

Example

set aaa parameter -defaultAuthType RADIUS -maxAAAUSers 100

unset aaa parameter

Resets the global AAA parameter settings on the NetScaler appliance. Attributes for which a default value is available revert to their default values. See the set aaa parameter command for descriptions of the parameters..Refer to the set aaa parameter command for meanings of the arguments.

Synopsys

unset aaa parameter [-enableStaticPageCaching] [-enableEnhancedAuthFeedback] [-defaultAuthType] [-maxAAAUsers] [-aaadnatIp] [-maxLoginAttempts] [-enableSessionStickiness] [-aaaSessionLoglevel] [-aaadLoglevel] [-dynAddr] [-ftMode]

show aaa parameter

Displays the current AAA global configuration.

Synopsys

show aaa parameter

Outputs

enableStaticPageCaching

Indicates if static page caching is enabled or not.

enableEnhancedAuthFeedback

Indicates whether enhanced auth feedback is enabled or not.

defaultAuthType

The default authentication server type.

maxAAAUsers

The maximum number of concurrent users allowed to log into the system at any time.

aaadnatIp

The natIp to be used for the AAA traffic

maxLoginAttempts

Maximum Number of login Attempts

failedLoginTimeout

Number of minutes an account will be locked if user exceeds maximum permissible attempts

enableSessionStickiness

Enables/Disables stickiness to authentication servers

aaaSessionLoglevel

Audit log level, which specifies the types of events to log for cli executed commands.

Available values function as follows:

  • EMERGENCY - Events that indicate an immediate crisis on the server.

  • ALERT - Events that might require action.

  • CRITICAL - Events that indicate an imminent server crisis.

  • ERROR - Events that indicate some type of error.

  • WARNING - Events that require action in the near future.

  • NOTICE - Events that the administrator should know about.

  • INFORMATIONAL - All but low-level events.

  • DEBUG - All events, in extreme detail.

aaadLoglevel

AAAD log level, which specifies the types of AAAD events to log in nsvpn.log.

Available values function as follows:

  • EMERGENCY - Events that indicate an immediate crisis on the server.

  • ALERT - Events that might require action.

  • CRITICAL - Events that indicate an imminent server crisis.

  • ERROR - Events that indicate some type of error.

  • WARNING - Events that require action in the near future.

  • NOTICE - Events that the administrator should know about.

  • INFORMATIONAL - All but low-level events.

  • DEBUG - All events, in extreme detail.

dynAddr

Set by the DHCP client when the IP address was fetched dynamically.

ftMode

First time user mode determines which configuration options are shown by default when logging in to the GUI. This setting is controlled by the GUI.

Example

> show aaa parameterConfigured AAA parameters DefaultAuthType: LDAP MaxAAAUsers: 5 Done>

Was this article helpful?