Home > Cisco > Control System > Cisco Acs 5x User Guide

Cisco Acs 5x User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Acs 5x User Guide. The Cisco manuals for Control System are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 91

    Page 91 4-27 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 4 Common Scenarios Using ACS ACS and Cisco Security Group Access Step 5Click Next. The Access Services Properties page appears. Step 6In the Authentication Protocols area, check the relevant protocols for your access service. Step 7Click Finish. Creating an Endpoint Admission Control Policy After you create a service, you configure the endpoint admission control policy. The endpoint admission control policy returns an... 
    4-27
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 4      Common Scenarios Using ACS
  ACS and Cisco Security Group Access
Step 5Click Next.
The Access Services Properties page appears.
Step 6In the Authentication Protocols area, check the relevant protocols for your access service. 
Step 7Click Finish.
Creating an Endpoint Admission Control Policy
After you create a service, you configure the endpoint admission control policy. The endpoint admission 
control policy returns an...

    Page 92

    Page 92 4-28 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 4 Common Scenarios Using ACS ACS and Cisco Security Group Access The first row (topmost) of the matrix contains the column headers, which display the destination SGT. The first column (far left) contains the row titles, with the source SG displayed. At the intersection of these axes lies the origin cell (top left) that contains the titles of the axes, namely, Destination and Source. All other cells are internal... 
    4-28
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 4      Common Scenarios Using ACS
  ACS and Cisco Security Group Access
The first row (topmost) of the matrix contains the column headers, which display the destination SGT. 
The first column (far left) contains the row titles, with the source SG displayed. At the intersection of 
these axes lies the origin cell (top left) that contains the titles of the axes, namely, Destination and 
Source. 
All other cells are internal...

    Page 93

    Page 93 4-29 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 4 Common Scenarios Using ACS RADIUS and TACACS+ Proxy Requests To create a default policy: Step 1Choose Access Policies > Security Group Access Control > Egress Policy then choose Default Policy. Step 2Fill in the fields as in the Default Policy for Egress Policy page. Step 3Click Submit. RADIUS and TACACS+ Proxy Requests You can use ACS to act as a proxy server that receives authentication and accounting RADIUS... 
    4-29
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 4      Common Scenarios Using ACS
  RADIUS and TACACS+ Proxy Requests
To create a default policy:
Step 1Choose Access Policies > Security Group Access Control > Egress Policy then choose Default Policy.
Step 2Fill in the fields as in the Default Policy for Egress Policy page.
Step 3Click Submit.
RADIUS and TACACS+ Proxy Requests
You can use ACS to act as a proxy server that receives authentication and accounting RADIUS...

    Page 94

    Page 94 4-30 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 4 Common Scenarios Using ACS RADIUS and TACACS+ Proxy Requests During proxying, ACS: 1.Receives the following packets from the NAS and forwards them to the remote RADIUS server: Access-Request Accounting-Request packets 2.Receives the following packets from the remote RADIUS server and returns them to the NAS: Access-Accept Access-Reject Access-Challenge Accounting-Response 3.Receives the following packets from the NAS... 
    4-30
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 4      Common Scenarios Using ACS
  RADIUS and TACACS+ Proxy Requests
During proxying, ACS:
1.Receives the following packets from the NAS and forwards them to the remote RADIUS server:
Access-Request
Accounting-Request packets
2.Receives the following packets from the remote RADIUS server and returns them to the NAS:
Access-Accept
Access-Reject
Access-Challenge
Accounting-Response
3.Receives the following packets from the NAS...

    Page 95

    Page 95 4-31 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 4 Common Scenarios Using ACS RADIUS and TACACS+ Proxy Requests The TACACS+ proxy feature in ACS supports the following protocols: PA P ASCII CHAP MSCHAP authentications types Related Topics RADIUS and TACACS+ Proxy Requests, page 4-29 Supported RADIUS Attributes, page 4-31 Configuring Proxy Service, page 4-32 Supported RADIUS Attributes The following supported RADIUS attributes are encrypted: User-Password... 
    4-31
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 4      Common Scenarios Using ACS
  RADIUS and TACACS+ Proxy Requests
The TACACS+ proxy feature in ACS supports the following protocols:
PA P
ASCII
CHAP
MSCHAP authentications types
Related Topics
RADIUS and TACACS+ Proxy Requests, page 4-29
Supported RADIUS Attributes, page 4-31
Configuring Proxy Service, page 4-32
Supported RADIUS Attributes
The following supported RADIUS attributes are encrypted:
User-Password...

    Page 96

    Page 96 4-32 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 4 Common Scenarios Using ACS RADIUS and TACACS+ Proxy Requests Configuring Proxy Service To configure proxy services: Step 1Configure a set of remote RADIUS and TACACS+ servers. For information on how to configure remote servers, see Creating, Duplicating, and Editing External Proxy Servers, page 7-19. Step 2Configure an External proxy service. For information on how to configure a External proxy service, see... 
    4-32
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 4      Common Scenarios Using ACS
  RADIUS and TACACS+ Proxy Requests
Configuring Proxy Service
To configure proxy services:
Step 1Configure a set of remote RADIUS and TACACS+ servers. For information on how to configure remote 
servers, see Creating, Duplicating, and Editing External Proxy Servers, page 7-19.
Step 2Configure an External proxy service. For information on how to configure a External proxy service, see...

    Page 97

    Page 97 CH A P T E R 5-1 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 5 Understanding My Workspace The Cisco Secure ACS web interface is designed to be viewed using Microsoft Internet Explorer 7.x, 8.x, and 9.x and Mozilla Firefox 3.x and 4.x. The web interface not only makes viewing and administering ACS possible, but it also allows you to monitor and report on any event in the network. These reports track connection activity, show which users are currently logged in, list the failed... 
    CH A P T E R
5-1
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
5
Understanding My Workspace
The Cisco Secure ACS web interface is designed to be viewed using Microsoft Internet Explorer 7.x, 
8.x, and 9.x and Mozilla Firefox 3.x and 4.x. The web interface not only makes viewing and 
administering ACS possible, but it also allows you to monitor and report on any event in the network. 
These reports track connection activity, show which users are currently logged in, list the failed...

    Page 98

    Page 98 5-2 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 5 Understanding My Workspace Task Guides Task Guides From the My Workspace drawer, you can access Tasks Guides. When you click any of the tasks, it opens a frame on the right side of the web interface. This frame contains step-by-step instructions as well as links to additional information. ACS provides the following task guides: Quick Start—Lists the minimal steps required to get ACS up and running quickly. Initial... 
    5-2
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 5      Understanding My Workspace
  Task Guides
Task Guides
From the My Workspace drawer, you can access Tasks Guides. When you click any of the tasks, it opens 
a frame on the right side of the web interface. This frame contains step-by-step instructions as well as 
links to additional information. ACS provides the following task guides:
Quick Start—Lists the minimal steps required to get ACS up and running quickly.
Initial...

    Page 99

    Page 99 5-3 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 5 Understanding My Workspace Using the Web Interface Related Topics Configuring Authentication Settings for Administrators, page 16-9 Changing the Administrator Password, page 16-13 Using the Web Interface You can configure and administer ACS through the ACS web interface, in which you can access pages, perform configuration tasks, and view interface configuration errors. This section describes: Accessing the Web... 
    5-3
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 5      Understanding My Workspace
  Using the Web Interface
Related Topics
Configuring Authentication Settings for Administrators, page 16-9
Changing the Administrator Password, page 16-13
Using the Web Interface
You can configure and administer ACS through the ACS web interface, in which you can access pages, 
perform configuration tasks, and view interface configuration errors. This section describes:
Accessing the Web...

    Page 100

    Page 100 5-4 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 5 Understanding My Workspace Using the Web Interface Logging In To log in to the ACS web interface for the first time after installation: Step 1Enter the ACS URL in your browser, for example https://acs_host/acsadmin, where /acs_host is the IP address or Domain Name System (DNS) hostname. The login page appears. Step 2Enter ACSAdmin in the Username field; the value is not case-sensitive. Step 3Enter default in the... 
    5-4
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 5      Understanding My Workspace
  Using the Web Interface
Logging In
To log in to the ACS web interface for the first time after installation:
Step 1Enter the ACS URL in your browser, for example https://acs_host/acsadmin, where /acs_host is the IP 
address or Domain Name System (DNS) hostname.
The login page appears. 
Step 2Enter ACSAdmin in the Username field; the value is not case-sensitive.
Step 3Enter default in the...
    Start reading Cisco Acs 5x User Guide

    Related Manuals for Cisco Acs 5x User Guide

    All Cisco manuals