Setting max sessions options for a user – Cisco 3.3 User Manual

Chapter 7 User Management

Basic User Setup Options

7-16

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

d.

Click enter.

The information, specifying the AAA client, port, CLI, and DNIS, appears in
the table above the AAA Client list.

Step 5

Do one of the following:

•

If you are finished configuring the user account options, click Submit to
record the options.

•

To continue to specify the user account options, perform other procedures in
this chapter, as applicable.

Setting Max Sessions Options for a User

The Max Sessions feature enables you to set the maximum number of
simultaneous connections permitted for this user. For Cisco Secure ACS
purposes, a session is considered any type of user connection supported by
RADIUS or TACACS+, for example PPP, or Telnet, or ARAP. Note, however, that
accounting must be enabled on the AAA client for Cisco Secure ACS to be aware
of a session. All session counts are based on user and group names only.
Cisco Secure ACS does not support any differentiation by type of session—all
sessions are counted as the same. To illustrate, a user with a Max Session count
of 1 who is dialed in to a AAA client with a PPP session will be refused a
connection if that user then tries to Telnet to a location whose access is controlled
by the same Cisco Secure ACS.

Note

Each Cisco Secure ACS holds its own Max Sessions counts. There is no
mechanism for Cisco Secure ACS to share Max Sessions counts across multiple
Cisco Secure ACSes. Therefore, if two Cisco Secure ACS are set up as a mirror
pair with the workload distributed between them, they will have completely
independent views of the Max Sessions totals.

Tip

If the Max Sessions table does not appear, click Interface Configuration, click
Advanced Options, and then select the Max Sessions check box.