Home > Articles > Cisco Network Technology > Security > Getting Familiar with Cisco Secure Access Control Server

Getting Familiar with Cisco Secure Access Control Server

  • Sample Chapter is provided courtesy of Cisco Press.
  • Date: Dec 3, 2004.

Chapter Description

This chapter covers the basics of the Cisco Secure Access Control Server interface, and familiarizes you with the very simplest of actions in this medium.

Configuring Your Interface

You have modified the authentication policy and configured session policy. You now are almost ready to make ACS work for you. Now you configure the interface to make it easier to manage, which is the goal in the coming sections. To do this, you need to disable some of the advanced options. Don't worry; when the time comes, you will enable them again.

TACACS+ Settings

To ease your configuration and help make things a little easier while you are learning, you need to disable some of the advanced TACACS+ features. You disable any advanced configurations at this point, and as you increase the functionality of ACS by adding more for it to do, you bring these configuration parameters back. Follow these steps to turn off the advanced TACACS+ settings:

Step 1

Begin with accessing the Interface Configuration section by clicking the left menu button titled Interface Configuration.

Step 2

In the beginning of this chapter, Interface Configuration was discussed as well as how selecting an option makes certain options visible in the HTML interface. Here, simply select the link TACACS+ (Cisco IOS). This refreshes your screen to the edit page.

Step 3

Deselect Advanced TACACS+ Features.

Step 4

Select Display Time-of-Day access grid for every TACACS+ service so you can override the default Time-of-Day settings. This is shown in Figure 6-18.

Step 5

Ensure that Display a window for each service selected in which you can enter customized TACACS+ attributes is deselected.

Step 6

Ensure that Display enable default (Undefined) service configuration is deselected.

Step 7

Select Submit.

The preceding steps are going to allow you to see a Time-of-Day grid where you have the control to configure Time-of-Day parameters. This might not be the first thing you always want to do; however, it is very noticeable when made visible, and that is the goal here.

To check your work, follow these steps:

Step 1

Click Group Setup.

Step 2

Select Edit Settings.

Step 3

You should be able to see the Time-of-Day grids.

Figure 18Figure 6-18 Configuring Time-of-Day Settings

Advanced Options

Another way to clear out some of the clutter when you are learning is to disable the Advanced Configuration options. You might want to configure these settings, but for now, turn all of them off except for the Per-user TACACS/RADIUS Attributes. To do so, follow these simple steps:

Step 1

Select Interface Configuration.

Step 2

Select Advanced Options.

Step 3

Ensure sure that everything except Per-user TACACS+/RADIUS Attributes is deselected. This enables you to do some individual user configurations without crowding the interface with all the available options.

Step 4

After you complete these steps, verify that your configuration matches Figure 6-19. Figure 6-19 demonstrates the selection of Per-user TACACS+/RADIUS Attributes.

Figure 19Figure 6-19 Per-User TACACS+/RADIUS Attributes

4. Preparing to Add Users | Next Section Previous Section