Cisco Acs 5x User Guide
Page 271
10-7 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 10 Managing Access Policies Configuring the Service Selection Policy
To configure a rule-based service selection policy, see these topics:
Creating, Duplicating, and Editing Service Selection Rules, page 10-8
Deleting Service Selection Rules, page 10-10
After you configure your service selection policy, you can continue to configure your access service policies. See Configuring Access Service Policies, page 10-21....
Page 272
10-8 Configuring the Service Selection Policy
Creating, Duplicating, and Editing Service Selection Rules
Create service selection rules to determine which access service processes incoming requests. The Default Rule provides a default access service in cases where no rules are matched or defined. When you create rules, remember that the order of the rules is important. When ACS encounters a...
Page 273
10-9 Configuring the Service Selection Policy
The Default Rule—You can change only the access service.
See Table 10-3 for field descriptions:
Step 4 Click OK. The Service Selection Policy page appears with the rule that you configured.
Step 5 Click Save Changes.
Related Topics
Configuring Access Services, page 10-11
Deleting Service Selection Rules, page 10-10
Table 10-3 Service Selection Rule...
Page 274
10-10 Configuring the Service Selection Policy
Displaying Hit Counts
Use this page to reset and refresh the Hit Count display on the Rule-based Policy page. To display this page, click Hit Count on the Rule-based Policy page.
Deleting Service Selection Rules
Note You cannot delete the Default service selection rule.
To delete a service selection rule:
Step 1 Select Access Policies > Service...
Page 275
10-11 Configuring Access Services
Access services contain the authentication and authorization policies for requests. You can create separate access services for different use cases; for example, device administration, wireless network access, and so on. When you create an access service, you define the type of policies and policy structures that it contains; for...
Page 276
10-12 Configuring Access Services
Step 3 Edit the fields in the Allowed Protocols tab as described in Table 10-7.
Step 4 Click Submit to save the changes you have made to the default access service.
Creating, Duplicating, and Editing Access Services
Access services contain the authentication and authorization policies for requests. When you create an access service, you define:
Policy structure—The...
Page 277
10-13 Configuring Access Services
Step 2 Do one of the following:
Click Create.
Check the check box next to the access service that you want to duplicate; then click Duplicate.
Click the access service name that you want to modify; or, check the check box next to the name and click Edit.
Click the access service name in the left navigation tab.
The Access Service Properties General page appears....
Page 278
10-14 Configuring Access Services
Step 3 Click Next to configure the allowed protocols. See Configuring Access Service Allowed Protocols, page 10-15.
Description: Description of the access service.
Access Service Policy Structure
Based on service template: Creates an access service containing policies based on a predefined template. This option is available only for service creation.
Based on...
Page 279
10-15 Configuring Access Services
Related Topic
Configuring Access Service Allowed Protocols, page 10-15
Configuring Access Services Templates, page 10-19
Configuring Access Service Allowed Protocols
The allowed protocols are the second part of access service creation. Access service definitions contain general and allowed protocol information. When you duplicate and edit services, the Access...
Page 280
10-16 Configuring Access Services
Allow EAP-TLS: Enables the EAP-TLS Authentication protocol and configures EAP-TLS settings. You can specify how ACS verifies user identity as presented in the EAP Identity response from the end-user client. User identity is verified against information in the certificate that the end-user client presents. This comparison occurs after an EAP-TLS tunnel is...