Cisco 3.3 User Manual

Chapter 4 Network Configuration

AAA Client Configuration

4-18

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Step 7

From the Authenticate Using list, select the network security protocol used by the
AAA client.

Tip

If you are uncertain which protocol to select on the Authenticate Using
list, see

AAA Client Configuration Options, page 4-11

.

Step 8

If you want to enable a single connection from a AAA client, rather than a new
one for every TACACS+ request, select the Single Connect TACACS+ AAA
Client (Record stop in accounting on failure) check box.

Note

If TCP connections between Cisco Secure ACS and the AAA client are
unreliable, do not use this feature.

Step 9

If you want to enable logging of watchdog packets, select the Log
Update/Watchdog Packets from this AAA Client check box.

Step 10

If you want to enable logging of RADIUS tunneling accounting packets, select the
Log RADIUS tunneling Packets from this AAA Client check box.

Step 11

If you want to track session state by username rather than port number, select the
Replace RADIUS Port info with Username from this AAA check box.

Note

If this option is enabled, Cisco Secure ACS cannot determine the number
of user sessions for each user. Each session uses the same session
identifier, the username; therefore, the Max Sessions feature is ineffective
for users accessing the network through a AAA client with this feature
enabled.

Step 12

If you want to save your changes and apply them immediately, click
Submit + Restart.

Note

Restarting the service clears the Logged-in User report and temporarily
interrupts all Cisco Secure ACS services. This affects the Max Sessions
counter.