Raritan Computer DOMINION KSX II User Manual

Chapter 7: User Management

131

Cisco ACS 5.x for RADIUS Authentication

If you are using a Cisco ACS 5.x server, after you have configured the
KSX II for RADIUS authentication, complete the following steps on the
Cisco ACS 5.x server.

Note: The following steps include the Cisco menus and menu items used
to access each page. Please refer to your Cisco documentation for the
most up to date information on each step and more details on performing
them.



Add the KSX II as a AAA Client (Required) - Network Resources >
Network Device Group > Network Device and AAA Clients



Add/edit users (Required) - Network Resources > Users and Identity
Stores > Internal Identity Stores > Users



Configure Default Network access to enable CHAP Protocol
(Optional) - Policies > Access Services > Default Network Access



Create authorization policy rules to control access (Required) -
Policy Elements > Authorization and Permissions > Network Access
> Authorization Profiles

 Dictionary Type: RADIUS-IETF

 RADIUS Attribute: Filter-ID

 Attribute Type: String

 Attribute Value: Raritan:G{KVM_Admin} (where KVM_Admin is

group name created locally on Dominion KVM Switch). Case
sensitive.



Configure Session Conditions (Date and Time) (Required) - Policy
Elements > Session Conditions > Date and Time



Configure/create the Network Access Authorization Policy
(Required) - Access Policies > Access Services > Default Network
Access>Authorization