Primary Identity Source

  • Security Cloud Control reads the Connection Aliases and Group URLs attributes as Group Alias and Group URL.

    Note
    • The connection profiles configured with SAML, Multiple certificates and AAA, and Multiple certificates aren't read.

    • The authentication server group with the interface and server group is not supported.

  • Security Cloud Control supports the AnyConnect connection profiles configured with "AAA", "AAA and certificate", and "Certificate only" authentication methods in Primary Identity Source.

  • The AAA Server Group is read in Security Cloud Control as Primary Identity Source for User Authentication inPrimary Identity Source (You can see this attribute by selecting AAA or AAA and Client Certificate as the Authentication Type).

    • If the AAA Server Group has been configured something other than LOCAL, Security Cloud Control reads and displays this attribute in the Fallback Local Identity Source field under Primary Identity Source. (You can see this attribute by selecting AAA as the authentication type).

      To learn more about the server group attributes read in Security Cloud Control, see AAA Server Groups.

Secondary Identity Source

The Secondary Identity Source displays the secondary authentication attributes of the ASA device. To see these attributes, select AAA or AAA and Client Certificate as the authentication type, and click View Secondary Identity Source.

  • The Secondary Identity Source for User Authentication displays the secondary authentication Server Group attribute.

    • If the Server Group has been configured something other than LOCAL, Security Cloud Control reads and displays this attribute in the Fallback Local Identity Source for Secondaryfield under Secondary Identity Source.

  • Security Cloud Control doesn't support the Attribute Server and Interface-Specific Authorization Server Groups attributes.

To learn more about the server group attributes read in Security Cloud Control, see AAA Server Groups.

Authorization Server

  • The Authorization Server displays the authorization Server Group attribute.

  • Security Cloud Control doesn't support the authorization server group with interface and server group.

To learn more about the RADIUS server group attributes read in Security Cloud Control, see RADIUS Server Groups.

Accounting Server

The Accounting Server displays the accounting Server Group attribute. To learn more about the server group attributes read in Security Cloud Control, see RADIUS Server Groups.

Client Address Pool Assignment

Security Cloud Control reads the Client Address Assignment attributes (DHCP Servers, Client Address Pools, and Client IPv6 Address Pools) as objects. (You can see these attributes in Client Address Pool Assignment). The DHCP server details are read as literals.

Note

Security Cloud Control doesn't support the IP address pools assigned on specific interfaces. However, these attributes can be seen in the ASA command-line interface (CLI).