Home > Cisco > Control System > Cisco Acs 57 User Guide

Cisco Acs 57 User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Acs 57 User Guide. The Cisco manuals for Control System are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 121

    Page 121 15 Managing Network Resources Network Devices and AAA Clients Single Connect DeviceCheck to use a single TCP connection for all TACACS+ communication with the network device. Choose one: Legacy TACACS+ Single Connect Support TACACS+ Draft Compliant Single Connect Support If you disable this option, a new TCP connection is used for every TACACS+ request. RADIUS Check to use the RADIUS protocol to authenticate communication to and from the network device. RADIUS Shared SecretShared secret of the... 
    15   
Managing Network Resources
Network Devices and AAA Clients
Single Connect 
DeviceCheck to use a single TCP connection for all TACACS+ communication with the network device. 
Choose one:
Legacy TACACS+ Single Connect Support 
TACACS+ Draft Compliant Single Connect Support 
If you disable this option, a new TCP connection is used for every TACACS+ request. 
RADIUS Check to use the RADIUS protocol to authenticate communication to and from the network device.
RADIUS Shared 
SecretShared secret of the...

    Page 122

    Page 122 16 Managing Network Resources Network Devices and AAA Clients Related Topics: Viewing and Performing Bulk Operations for Network Devices, page 5 Creating, Duplicating, and Editing Network Device Groups, page 2 Deleting Network Devices To delete a network device: 1.Choose Network Resources > Network Devices and AAA Clients. The Network Devices page appears, with a list of your configured network devices. 2.Check one or more check boxes the network devices you want to delete. 3.Click Delete. The... 
    16
Managing Network Resources
 
Network Devices and AAA Clients
Related Topics:
Viewing and Performing Bulk Operations for Network Devices, page 5
Creating, Duplicating, and Editing Network Device Groups, page 2
Deleting Network Devices
To delete a network device:
1.Choose Network Resources > Network Devices and AAA Clients.
The Network Devices page appears, with a list of your configured network devices.
2.Check one or more check boxes the network devices you want to delete.
3.Click Delete. 
The...

    Page 123

    Page 123 17 Managing Network Resources Configuring a Default Network Device When ACS receives an access request, it searches the single static IP addresses first. If a match is not found, ACS searches the IP subnets and IP ranges for the network device. An IP address with a subnet mask of 32 resolves to the IP address itself. Therefore, ACS does not allow you to configure a single static IP address on a network device if the same IP address with a subnet mask of 32 is configured on another network device.... 
    17   
Managing Network Resources
Configuring a Default Network Device
When ACS receives an access request, it searches the single static IP addresses first. If a match is not found, ACS 
searches the IP subnets and IP ranges for the network device. An IP address with a subnet mask of 32 resolves to the 
IP address itself. Therefore, ACS does not allow you to configure a single static IP address on a network device if the 
same IP address with a subnet mask of 32 is configured on another network device....

    Page 124

    Page 124 18 Managing Network Resources Working with External Proxy Servers Related Topics Network Device Groups, page 1 Network Devices and AAA Clients, page 5 Creating, Duplicating, and Editing Network Device Groups, page 2 Working with External Proxy Servers ACS 5.7 can function both as a RADIUS and TACACS+ server and as a RADIUS and TACACS+ proxy server. When it acts as a proxy server, ACS receives authentication and accounting requests from the NAS and forwards them to the external RADIUS or TACACS+... 
    18
Managing Network Resources
 
Working with External Proxy Servers
Related Topics
Network Device Groups, page 1
Network Devices and AAA Clients, page 5
Creating, Duplicating, and Editing Network Device Groups, page 2
Working with External Proxy Servers
ACS 5.7 can function both as a RADIUS and TACACS+ server and as a RADIUS and TACACS+ proxy server. When it acts 
as a proxy server, ACS receives authentication and accounting requests from the NAS and forwards them to the external 
RADIUS or TACACS+...

    Page 125

    Page 125 19 Managing Network Resources Working with External Proxy Servers This section contains the following topics: Creating, Duplicating, and Editing External Proxy Servers, page 19 Deleting External Proxy Servers, page 20 Creating, Duplicating, and Editing External Proxy Servers To create, duplicate, or edit an external proxy server: 1.Choose Network Resources > External Proxy Servers. The External Proxy Servers page appears with a list of configured servers. 2.Do one of the following: Click Create.... 
    19   
Managing Network Resources
Working with External Proxy Servers
This section contains the following topics:
Creating, Duplicating, and Editing External Proxy Servers, page 19
Deleting External Proxy Servers, page 20
Creating, Duplicating, and Editing External Proxy Servers
To create, duplicate, or edit an external proxy server:
1.Choose Network Resources > External Proxy Servers.
The External Proxy Servers page appears with a list of configured servers.
2.Do one of the following:
Click Create....

    Page 126

    Page 126 20 Managing Network Resources Working with OCSP Services 4.Click Submit to save the changes. The external Proxy Server configuration is saved. The External Proxy Server page appears with the new configuration. Note: If you want ACS to forward unknown RADIUS attributes you have to define VSAs for proxy. Related Topics RADIUS and TACACS+ Proxy Services, page 7 RADIUS and TACACS+ Proxy Requests, page 26 Configuring General Access Service Properties, page 13 Deleting External Proxy Servers, page 20... 
    20
Managing Network Resources
 
Working with OCSP Services
4.Click Submit to save the changes.
The external Proxy Server configuration is saved. The External Proxy Server page appears with the new 
configuration.
Note: If you want ACS to forward unknown RADIUS attributes you have to define VSAs for proxy.
Related Topics
RADIUS and TACACS+ Proxy Services, page 7
RADIUS and TACACS+ Proxy Requests, page 26
Configuring General Access Service Properties, page 13
Deleting External Proxy Servers, page 20...

    Page 127

    Page 127 21 Managing Network Resources Working with OCSP Services You can configure up to two OCSP servers in ACS, which are called the primary and secondary OCSP servers. ACS communicates with the secondary OCSP server when a timeout occurs while it is communicating with the primary OCSP server. OCSP can return the following three values for a given certificate request: Good—The certificate is good for usage. Revoked—The certificate is revoked. Unknown —The certificate status is unknown. The status of... 
    21   
Managing Network Resources
Working with OCSP Services
You can configure up to two OCSP servers in ACS, which are called the primary and secondary OCSP servers. ACS 
communicates with the secondary OCSP server when a timeout occurs while it is communicating with the primary OCSP 
server.
OCSP can return the following three values for a given certificate request:
Good—The certificate is good for usage.
Revoked—The certificate is revoked. 
Unknown —The certificate status is unknown. 
The status of...

    Page 128

    Page 128 22 Managing Network Resources Working with OCSP Services Creating, Duplicating, and Editing OCSP Servers To create, duplicate, or edit an OCSP server: 1.Choose Network Resources > OCSP Services. The OCSP Services page appears with a list of configured OCSP servers. 2.Do one of the following: Click Create. Check the check box the OCSP server that you want to duplicate, then click Duplicate. Click the OCSP server name that you want to edit, or check the check box the name and click Edit. The OCSP... 
    22
Managing Network Resources
 
Working with OCSP Services
Creating, Duplicating, and Editing OCSP Servers
To create, duplicate, or edit an OCSP server:
1.Choose Network Resources > OCSP Services.
The OCSP Services page appears with a list of configured OCSP servers.
2.Do one of the following:
Click Create.
Check the check box the OCSP server that you want to duplicate, then click Duplicate. 
Click the OCSP server name that you want to edit, or check the check box the name and click Edit.
The OCSP...

    Page 129

    Page 129 23 Managing Network Resources Working with OCSP Services 4.Click Submit to save your changes. The OCSP Server configuration is saved. The OCSP Server page appears with the new configuration. Related Topics Deleting OCSP Servers, page 23 Deleting OCSP Servers To delete an OCSP server, complete the following steps: 1.Choose Network Resources > OCSP Services. The OCSP Services page appears with a list of configured OCSP servers. 2.Check one or more check boxes the OCSP servers you want to delete, and... 
    23   
Managing Network Resources
Working with OCSP Services
4.Click Submit to save your changes.
The OCSP Server configuration is saved. The OCSP Server page appears with the new configuration.
Related Topics
Deleting OCSP Servers, page 23
Deleting OCSP Servers
To delete an OCSP server, complete the following steps:
1.Choose Network Resources > OCSP Services.
The OCSP Services page appears with a list of configured OCSP servers.
2.Check one or more check boxes the OCSP servers you want to delete, and...

    Page 130

    Page 130 24 Managing Network Resources Working with OCSP Services 3.Click OK. The OCSP Servers page appears without the deleted server(s). 
    24
Managing Network Resources
 
Working with OCSP Services
3.Click OK.
The OCSP Servers page appears without the deleted server(s).
    Start reading Cisco Acs 57 User Guide

    Related Manuals for Cisco Acs 57 User Guide

    All Cisco manuals