I want to use the ACS SE to authenticate MARS users. As per the User Guide: Admin -> System Setup -> Authentication Configuration -> AAA Server Configuration -> Add. I only have two options: "Add AAA server on new host" and "Add AAA server on existing host". There is no "Add AAA server on an ACS SE appliance" option. Ok, so I add an AAA server on a new host, using the IP address of the ACS SE as the access/reporting/interface IP. I add the "Generic AAA Server" application to the host, I add the AAA server as the primary AAA server in the "Authentication Method", I configure the MARS as a RADIUS client on the ACS SE, and everything works as expected. MARS users authenticate without any issues.
The problem is that I want to use the ACS SE as a reporting device, also.
I can not add it as an "ACS SE 4.x" device, because the reporting IP is already in use by the AAA host created earlier.
Another approach is to install the ACS SE Remote Agent on a computer, but I'm not sure how it works. Let me know if this is correct:
- on the ACS SE, I don't configure syslog logging to the MARS appliance. Instead, I add the remote agent in the Network Configuration, and I configure remote logging to the remote agent
- on the MARS appliance, I add the remote agent as an "ACS SE 4.x" device.
- but then, how do I configure the remote agent to send syslog to the MARS?
Does this sound right?
Another unrelated question: is there a way to use the SNMP agent inside CS ACS from MARS? There is no place to configure an SNMP community string neither under host configuration, nor under ACS SE 4.x configuration.
Any help appreciated. Thanks!
You don't need to configure Remote Agent for logging from ACS SE to MARS. Remote Agent functionality is to send syslog messages to a windows host because ACS SE is an appliance which can't hold too many of the loggings as it grows. Remote Agent logging is also only supported on ACS SE.
You can log syslog messages directly from ACS SE to MARS as follows:
This is the configuration on ACS SE:
SNMP is not supported for ACS SE:
Here is a little reading on Remote Agent for ACS SE:
Hope the above helps.