Home > Cisco > Control System > Cisco Acs 57 User Guide

Cisco Acs 57 User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Acs 57 User Guide. The Cisco manuals for Control System are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 71

    Page 71 31 Common Scenarios Using ACS RADIUS and TACACS+ Proxy Requests Example: Callback-ID – Attribute Multiple NOT allowed. On the access accept response from the RADIUS server: Callback-ID NOT on the access accept response Attribute operation statement: Callback-ID ADD 1223 Result of the add attribute operation on the response sent to the client device: Callback-ID=1223 If the Callback-ID is on the original access accept response, ACS does not perform the add operation in this example. If multiple... 
    31   
Common Scenarios Using ACS
RADIUS and TACACS+ Proxy Requests
Example:
Callback-ID – Attribute Multiple NOT allowed.
On the access accept response from the RADIUS server:
Callback-ID NOT on the access accept response
Attribute operation statement:
Callback-ID ADD 1223
Result of the add attribute operation on the response sent to the client device: 
Callback-ID=1223
If the Callback-ID is on the original access accept response, ACS does not perform the add operation in this 
example.
If multiple...

    Page 72

    Page 72 32 Common Scenarios Using ACS RADIUS and TACACS+ Proxy Requests Result of the attribute operation on the response sent to the client device: Login-IP-Host=10.11.11.11 If the attribute is cisco-avpair (pair of key=value), the update is done according to the key. Example: On the access accept response from the RADIUS server: cisco-avpair = url-redirect=www.cisco.com cisco-avpair = url-redirect=www.yahoo.com cisco-avpair = cmd=show Attribute operation statement: cisco-avpair UPDATE new... 
    32
Common Scenarios Using ACS
 
RADIUS and TACACS+ Proxy Requests
Result of the attribute operation on the response sent to the client device: 
Login-IP-Host=10.11.11.11
If the attribute is cisco-avpair (pair of key=value), the update is done according to the key.
Example:
On the access accept response from the RADIUS server:
cisco-avpair = url-redirect=www.cisco.com
cisco-avpair = url-redirect=www.yahoo.com
cisco-avpair = cmd=show
Attribute operation statement:
cisco-avpair UPDATE new...

    Page 73

    Page 73 33 Common Scenarios Using ACS RADIUS and TACACS+ Proxy Requests Note: ACS proxy can not support protocols that use encrypted RADIUS attributes. The TACACS+ proxy feature in ACS supports the following protocols: PA P ASCII CHAP MSCHAP authentications types Related Topics RADIUS and TACACS+ Proxy Requests, page 26 Supported RADIUS Attributes, page 33 Configuring Proxy Service, page 34 Supported RADIUS Attributes The following supported RADIUS attributes are encrypted: User-Password... 
    33   
Common Scenarios Using ACS
RADIUS and TACACS+ Proxy Requests
Note: ACS proxy can not support protocols that use encrypted RADIUS attributes. 
The TACACS+ proxy feature in ACS supports the following protocols:
PA P
ASCII
CHAP
MSCHAP authentications types
Related Topics
RADIUS and TACACS+ Proxy Requests, page 26
Supported RADIUS Attributes, page 33
Configuring Proxy Service, page 34
Supported RADIUS Attributes
The following supported RADIUS attributes are encrypted:
User-Password...

    Page 74

    Page 74 34 Common Scenarios Using ACS Enabling and Disabling IPv6 for Network Interfaces Configuring Proxy Service To configure proxy services: 1.Configure a set of remote RADIUS and TACACS+ servers. For information on how to configure remote servers, see Creating, Duplicating, and Editing External Proxy Servers, page 19. 2.Configure an External proxy service. For information on how to configure a External proxy service, see Configuring General Access Service Properties, page 13. You must select the User... 
    34
Common Scenarios Using ACS
 
Enabling and Disabling IPv6 for Network Interfaces
Configuring Proxy Service
To configure proxy services:
1.Configure a set of remote RADIUS and TACACS+ servers. For information on how to configure remote servers, see 
Creating, Duplicating, and Editing External Proxy Servers, page 19.
2.Configure an External proxy service. For information on how to configure a External proxy service, see Configuring 
General Access Service Properties, page 13.
You must select the User...

    Page 75

    Page 75 1 Cisco Systems, Inc.www.cisco.com Understanding My Workspace The Cisco Secure ACS web interface is designed to be viewed using Microsoft Internet Explorer and Mozilla Firefox browsers. For more information on supported browser versions, see Release Notes for Cisco Secure Access Control System 5.7. The web interface not only makes viewing and administering ACS possible, but it also allows you to monitor and report on any event in the network. These reports track connection activity, show which... 
    1
Cisco Systems, Inc.www.cisco.com
 
Understanding My Workspace
The Cisco Secure ACS web interface is designed to be viewed using Microsoft Internet Explorer and Mozilla Firefox 
browsers. For more information on supported browser versions, see Release Notes for Cisco Secure Access Control 
System 5.7. The web interface not only makes viewing and administering ACS possible, but it also allows you to monitor 
and report on any event in the network. 
These reports track connection activity, show which...

    Page 76

    Page 76 2 Understanding My Workspace Ta s k G u i d e s In ACS 5.7, you can also see a banner in the welcome page. You can customize this After Login banner text from the Login Banner page. Task Guides From the My Workspace drawer, you can access Tasks Guides. When you click any of the tasks, a frame opens on the right side of the web interface. This frame contains step-by-step instructions, as well as links to additional information. ACS provides the following task guides: Quick Start—Lists the minimal... 
    2
Understanding My Workspace
 
Ta s k  G u i d e s
In ACS 5.7, you can also see a banner in the welcome page. You can customize this After Login banner text from the 
Login Banner page. 
Task Guides
From the My Workspace drawer, you can access Tasks Guides. When you click any of the tasks, a frame opens on the 
right side of the web interface. This frame contains step-by-step instructions, as well as links to additional information. 
ACS provides the following task guides:
Quick Start—Lists the minimal...

    Page 77

    Page 77 3 Understanding My Workspace Login Banner Related Topics Configuring Authentication Settings for Administrators, page 11 Changing the Administrator Password, page 25 Login Banner ACS 5.7 supports customizing of the login banner texts. You can set two sets of banner text; for instance, before logging you can display one banner text, and after logging in you can display another banner text. You can do this customization from the Login Banner page. The copyright statement is default for both the... 
    3   
Understanding My Workspace
Login Banner
Related Topics
Configuring Authentication Settings for Administrators, page 11
Changing the Administrator Password, page 25
Login Banner
ACS 5.7 supports customizing of the login banner texts. You can set two sets of banner text; for instance, before logging 
you can display one banner text, and after logging in you can display another banner text. You can do this customization 
from the Login Banner page. The copyright statement is default for both the...

    Page 78

    Page 78 4 Understanding My Workspace Using the Web Interface Accessing the Web Interface, page 4 Understanding the Web Interface, page 5 Common Errors, page 24 Accessibility, page 26 Accessing the Web Interface The ACS web interface is supported on HTTPS-enabled Microsoft Internet Explorer and Mozilla Firefox browsers. For more information on supported browser versions, see Release Notes for Cisco Secure Access Control System 5.7. This section contains: Logging In, page 4 Logging Out, page 5 Logging... 
    4
Understanding My Workspace
 
Using the Web Interface
Accessing the Web Interface, page 4
Understanding the Web Interface, page 5
Common Errors, page 24
Accessibility, page 26
Accessing the Web Interface
The ACS web interface is supported on HTTPS-enabled Microsoft Internet Explorer and Mozilla Firefox browsers. For 
more information on supported browser versions, see Release Notes for Cisco Secure Access Control System 5.7. 
This section contains:
Logging In, page 4
Logging Out, page 5
Logging...

    Page 79

    Page 79 5 Understanding My Workspace Using the Web Interface Note: The license page only appears the first time that you log in to ACS. 7.See Installing a License File, page 38 to install a valid license. If your login is successful, the main page of the ACS web interface appears. If your login is unsuccessful, the following error message appears: Access Denied. Please contact your Security Administrator for assistance. The Username and Password fields are cleared. 8.Re-enter the valid username and... 
    5   
Understanding My Workspace
Using the Web Interface
Note: The license page only appears the first time that you log in to ACS.
7.See Installing a License File, page 38 to install a valid license.
If your login is successful, the main page of the ACS web interface appears.
If your login is unsuccessful, the following error message appears:
Access Denied. Please contact your Security Administrator for assistance. 
The Username and Password fields are cleared.
8.Re-enter the valid username and...

    Page 80

    Page 80 6 Understanding My Workspace Using the Web Interface Web Interface Design Figure 3 on page 6 shows the overall design of the ACS web interface. Figure 3 ACS Web Interface The interface contains: Header, page 6 Navigation Pane, page 7 Content Area, page 8 Header Use the header to: Identify the current user (your username) Access the online help Log out Access the About information, where you can find information about which ACS web interface version is installed. These items appear on the right... 
    6
Understanding My Workspace
 
Using the Web Interface
Web Interface Design
Figure 3 on page 6 shows the overall design of the ACS web interface.
Figure 3 ACS Web Interface
The interface contains:
Header, page 6
Navigation Pane, page 7
Content Area, page 8
Header
Use the header to:
Identify the current user (your username)
Access the online help
Log out
Access the About information, where you can find information about which ACS web interface version is installed.
These items appear on the right...
    Start reading Cisco Acs 57 User Guide

    Related Manuals for Cisco Acs 57 User Guide

    All Cisco manuals