×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Cisco Secure ACS for NT 2.4

Unanswered Question

Well I have 3620 which is used for remote clients to dial-in and to connect to our internal network. I was using internal(local router account database) i.e creating account for each user on router. Now I wanted to use my existing NT account database for users to authenticate via dial-up. I bought Cisco Secure ACS for NT 2.4 to solve this problem. Now I need help how to implement this. Right now i want both my local router database and NT account database to work parallel..I need some sample configurations...or help

will this command on my router

aaa authentication ppp default if-need local


will work

i need help..and urgent

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
bob.short Fri, 10/06/2000 - 10:40
User Badges:

Our online TAC has a number of documents that will assist you in your deployment of Cisco Secure ACS NT. Please look through:

http://www.cisco.com/cgi-bin/Support/PSP/psp_view.pl?p=Software:Cisco_Secure_ACS_NT


Should you have specific issues pertaining to your

installation, please open a TAC case by clicking "Open A TAC Case" from:

http://www.cisco.com/cgi-bin/ibld/view.pl?i=support


Hi shabib,


I suppose you want to authenticate users via local as well as remote account database. After you configure Cisco secure properly It is possible to configure Cisco IOS to utilize both of the databases, but one after another.


Here is the IOS commands in global config mode needed to accomplish this


aaa new-model

aaa authentication login default local radius

aaa authentication ppp default radius local

aaa authorization exec default local radius

aaa authorization network default radius

aaa accounting exec default start-stop radius

aaa accounting network default start-stop radius

and to specify your remote security server use


radius-server host ip-addr auth-port xxx acct-port xxx non-standard

radius-server key xxxxx

Please refer to Cisco IOS security configuration guide at www.cisco.com for complete reference.


I think Cisco secure is available with both tacacs+ and radius protocols. Configure your router for appropriate protocol and dont forget to specify correct IP address , ports and shared key for your Cisco secure server.


If you need more help, plz dont hesitate to ask.


Best regards.



hey thanks arsalan......I successfully installed and configured the Cisco Secure ACS using TACACS+, also was able to use both the database, now i finally got rid of the local database. And this is running good for 2 months now......ne ways thanks for a reply.....I am now planning to use this TACACS+ Server to authenticate my VPN clients terminating on PIX. if u have ne experience with that, prob u can hel me there........

Actions

This Discussion