Cisco acs radius server, Configure the cisco acs server – Raritan Computer DOMINION DSX-0N-E User Manual

Page 213

Advertising
background image

A

PPENDIX

D:

S

ERVER

C

ONFIGURATION

195

15. Move the new policy so it appears as the first (top) policy in the Policy List.

Note: If required, create a policy to allow dialup access to all users that are members of a
group (Windows may already have a default Policy in place to permit access by any user with
Dial In enabled, so this new policy would be optional. If you want to use a new Policy, ensure
that it appears above the default policy).

16. Ensure that the service is started.
17. Ensure that the Active Directory / Local account for the user has Dial In access enabled

in their user profile. If the Windows 2000 Domain server is in Native Mode and IAS is
registered with the Active Directory, you can set the User Profile -> Dial In setting to
use Remote Access Policies.

Cisco ACS RADIUS Server

The Cisco Access Control Server (ACS) is another authentication solution supported by the
Dominion SX unit. For the Dominion SX to support RADIUS, both the unit and the user
information must be added into the RADIUS configuration.

Configure the Dominion SX to use a Cisco ACS Server

The following procedure configures the Dominion SX unit to work with a Cisco Radius Server.

1. Select the User Management tab on DSX screen.
2. Go to the Configuration section.
3. Select the User Group List.
4. Click on Add New User Group.

You can define port access and user class (operator or observer). This user group will be used
later as a value to the Filter-Id attribute on the Cisco Radius Server. The Dominion SX comes
with factory default group Admin that will be used as an example in this section; however, any
local group can be used as value to the Filter-Id attribute on the Cisco ACS Server.

Notes: Group names are case sensitive and must match exactly those defined in the
Filter-Id attribute on the Radius server.

Only Version 3.1 of the Cisco Radius Server has been tested; however, other versions of the
RADIUS server should operate with the DSX.

Configure the Cisco ACS Server

1. Log on to Cisco ACS Server using the browser.
2. Type your Username and Password.
3. Click Login.
4. Click Network Configuration in the left panel of the screen and select Add Entry to

add/edit an AAA Client. This must be done for each unit that is going to be accessed via
RADIUS.

5. Click on the Authenticate Using drop-down menu and select RADIUS (IETF).
6. Click Submit.
7. Click Interface Configuration in the left panel of the screen.
8. Click on the RADIUS (IETF) link to edit properties.
9. Under the User and Group columns, place a checkmark in the check boxes before

Filter-Id.

10. Click Submit.

Advertising
Popular Brands
Popular manuals