Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
516
Views
0
Helpful
2
Replies

personalization of log and authentication parameter

xine xine
Level 1
Level 1

‎12-14-2009 12:06 PM - edited ‎03-10-2019 04:50 PM

Hi !

I curently working of deploying ACS 5.1.0.44 to authenticate administrative session on our telecom devices.  In version 4.2 I had the possibility to have in the log from wich IP address the administrative session is attempt.  I had also able to permit or deny the administrative session base on the IP address of the administrative session request.

I can't find the equivalent parameter in version 5.1, someone can help me ?  I find the location parameter what is probebly for this purpose, but I did not find where I assign the IP address with the location's name.

Also if someone have a better idea to limit the user used by CiscoWorks software for the CiscoWorks software only and denying any other software trying to use CiscoWorks credentials to make an attempt on any devices, and make sure when we see CiscoWorks credentials in the logs we can be sure the connection was made by CiscoWorks software on the device.

Thanks a lot !

Labels:
0 Helpful
2 Replies 2

jrabinow
Level 7
Level 7

‎12-15-2009 12:19 PM

Permit or deny the administrative session base on the IP address of the administrative session request is available on the following page:

System Administration > Administrators > Settings > Access

Can you please clarify what you mean by "log from wich IP address the administrative session is attempt". Audit log records include the IP address of the administrator session.

0 Helpful

xine xine
Level 1
Level 1
In response to jrabinow

‎12-16-2009 03:39 AM

Hi !

this setting is for the administrative session to setup the ACS it-self, what I was asking for is for administrative session for the ACS server it-self.  My question is about administrative session on AAA clients.

We are using CiscoWorks to managedour Cisco's telecom devices.  CiscoWorks need user crendentials to open administrative session when we are use CiscoWork to deploy some changes on our networks.  CiscoWorks need also user's crendential to pick-up a backup copy of the configuration, deploy new IOS and some other job deployment operation.

ACS solution was buyed the make more difficult to impersonate someone else in administrative session on our telecom devices.   Actually because users crendentials are knowed by everyone in the team on this cannot be work in different manner, we would like to deny any administrative session try with CiscoWorks user's crendentials which are not came from CiscoWorks server.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents