ACS1113 & crypto

Unanswered Question
Jul 18th, 2007

folks

i need to implement an ssl vpn over the web into my network and i have a clean acs1113

i'm told that the acs1113 can be used to authenticate the static username and passwords associated with the vpn client but that i need a separate box to house the crypto database (we're using two factor authentication)

does anyone know what spec the dbase server needs to be?

i'll have around 1000 users max with 50 - 100 concurrent at one time

many thanks to anyone taking the time to reply

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
didyap Tue, 07/24/2007 - 14:08

New storage infrastructure?ACS now uses an SQL database to store all the user and configuration information. The new ACS internal database improves scaling and performance, and is less reliant on the Windows Registry. The Windows Registry will be used only for application information. A new database password is required during installation. The password is stored in the Windows registry using Microsoft Crypto API. The database is encrypted by using a hash of customer-provided password and an internal password. You can use the ACS SE CLI to change the password.

http://www.cisco.com/en/US/products/sw/secursw/ps5338/prod_release_note09186a00808106c5.html

Actions

This Discussion