Has anyone configured their APC UPS network management cards to authenticate to ACS? The cards support RADIUS, and I have that working, but the user only works as read only. How can I get them to work at admin level? I am not sure how to pass the attributes back to the UPS.
I realize that this is a VERY old thread... but... I figured I'd give it a shot.
Has anyone successfully configured APC UPS network management cards to authenticate in ISE 2.1? I have them authenticating properly in ACS 5.x, so I know the "basics" of setting up the dictionary and believe that I have the "radius vendors" set up correctly. However, I'm missing the "policy sets". Similar to the start of this thread, my current ISE setup has all users logging in as "read only".
You need to return some APC Vendor Specific Attributes. These will not be defined in ACS so you'll need to add them. This process is documented in the ACS User Guide - basically you create a .ini file with the VSA info and load it with csutil or rdbms sync.
APC's vendor ID is 318. You need to add a single integer attribute "APC-Service-Type" (id #1) which can take the following values:
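An added example, not part of the original reply: a way to check from a captured Access-Accept whether the server actually returned the APC VSA described above (vendor 318, attribute 1, integer), using the RFC 2865 Vendor-Specific layout. The function names and the sample value are assumptions made for illustration; the sample value is constructed and is not one of APC's documented values.

```python
import struct

RADIUS_VENDOR_SPECIFIC = 26   # RFC 2865 attribute type for VSAs
APC_VENDOR_ID = 318           # vendor id given in the reply above
APC_SERVICE_TYPE = 1          # "APC-Service-Type", id #1, integer

def encode_vsa_int(vendor_id, vendor_type, value):
    """Build one Vendor-Specific attribute carrying a 32-bit integer."""
    sub = struct.pack("!BBI", vendor_type, 6, value)   # sub-type, sub-length, value
    body = struct.pack("!I", vendor_id) + sub
    return struct.pack("!BB", RADIUS_VENDOR_SPECIFIC, 2 + len(body)) + body

def iter_attributes(buf):
    """Yield (type, value) for each attribute in a RADIUS attribute list."""
    pos = 0
    while pos < len(buf):
        if len(buf) - pos < 2:
            raise ValueError("truncated attribute header")
        a_type, a_len = buf[pos], buf[pos + 1]
        if a_len < 2 or pos + a_len > len(buf):
            raise ValueError("bad attribute length")
        yield a_type, buf[pos + 2:pos + a_len]
        pos += a_len

def find_apc_service_type(attrs):
    """Return the APC-Service-Type integer, or None if it was not sent."""
    for a_type, value in iter_attributes(attrs):
        if a_type != RADIUS_VENDOR_SPECIFIC or len(value) < 4:
            continue
        if struct.unpack("!I", value[:4])[0] != APC_VENDOR_ID:
            continue                      # some other vendor's VSA
        sub = value[4:]
        while len(sub) >= 2:
            s_type, s_len = sub[0], sub[1]
            if s_len < 2 or s_len > len(sub):
                raise ValueError("bad sub-attribute length")
            if s_type == APC_SERVICE_TYPE and s_len == 6:
                return struct.unpack("!I", sub[2:6])[0]
            sub = sub[s_len:]
    return None

# Constructed sample attribute lists (not captured from a real device).
SAMPLE_VALUE = 1                               # placeholder, meaning not asserted
REPLY_MESSAGE = bytes([18, 4]) + b"ok"         # Reply-Message attribute
SAMPLE_WITH_VSA = REPLY_MESSAGE + encode_vsa_int(
    APC_VENDOR_ID, APC_SERVICE_TYPE, SAMPLE_VALUE)
```

A `None` result on the attribute bytes of a real Access-Accept means the authorization policy is not returning the attribute at all.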