I updated Cisco ACS from 3.2 to 4.1. After dealing with some issues, we finally got it installed. Now we are facing this remote agent issue. Is there a whole lot of configuration to do for this agent? Below is part of the instructions. I am not real sure what they want me to do. Where is this Cisco computer? Where do we put the Cisco account? We certainly do not have a DC on our network called Cisco. Is it more advisable to put this on a DC or a member server?
Step 1 Add CISCO workstation.
To satisfy Windows requirements for authentication requests, ACS must specify the Windows
workstation in to which the user is attempting to log. Because ACS cannot determine this information
from authentication requests that AAA clients send, it uses a generic workstation name for all requests.
Use CISCO as the name of the workstation.
In the local domain, and in each trusted domain and child domain that ACS will use to authenticate users,
? A computer account named CISCO exists.
? All users that Windows will authenticate have permission to log in to the computer named CISCO.
For more information, see the Microsoft documentation for your operating system.
In the instructions, they say to add CISCO workstation. What exactly does this mean? If we installed it on a member server, the server will be previously named. If we install it on a DC, that will be named as well.
I have configured an account on our NT domain (AD domain) and called it ACSuser. I have made sure the doamin\ACSuser can log on as a service and also Act as part of the Operating System.
I also made sure that the Computer Service CSA Agent had as it's login ACSuser. I have also requested that this Username password never expire.
I have loaded a Windows 2000 server and called it ACSagent1 for right now. It has been added to our Active Directory Users and Computers as ACSAgent1. I then added the Agent one the ACS appliance by calling it ACSagent1 with an IP address of xxx.xxx.114.15. And when I looked at the agent on the appliance, it tells me that Remote Logging and Windows Authentication is not used by this ACS.
When I test from the configuration->systems->servers->authentication servers. I click on my radius server and the it authentication rejects me right away.
I guess one question would be, how do you test your remote agent member server and ACS Se 4.1 connectivity?
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :