Adding a aaa client – Cisco 3.3 User Manual

Chapter 4 Network Configuration

AAA Client Configuration

4-16

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

•

Replace RADIUS Port info with Username from this AAA
Client—Enables use of username rather than port number for session state
tracking. This option is useful when the AAA client cannot provide unique
port values, such as a gateway GPRS support node (GGSN). For example, if
you use the Cisco Secure ACS IP pools server and the AAA client does not
provide unique port for each user, Cisco Secure ACS assumes that a reused
port number indicates that the previous user session has ended and
Cisco Secure ACS may reassign the IP address previously assigned to the
session with the non-unique port number. By default, this check box is not
selected.

Note

If this option is enabled, Cisco Secure ACS cannot determine the
number of user sessions for each user. Each session uses the same
session identifier, the username; therefore, the Max Sessions feature
is ineffective for users accessing the network through a AAA client
with this feature enabled.

Adding a AAA Client

You can use this procedure to add a AAA client configuration.

Before You Begin

For descriptions of the options available while adding a AAA client configuration,
see

AAA Client Configuration Options, page 4-11

.

For Cisco Secure ACS to provide AAA services to a AAA client, you must ensure
that gateway devices between AAA clients and Cisco Secure ACS allow
communication over the ports needed to support the applicable AAA protocol
(RADIUS or TACACS+). For information about ports used by AAA protocols,
see

AAA Protocols—TACACS+ and RADIUS, page 1-6

.

To add a AAA client, follow these steps:

Step 1

In the navigation bar, click Network Configuration.

The Network Configuration page opens.