Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco ACS Appliance

I am expected to install the Cisco ACS solution in a HA environment. These will be RedHat boxes that do not log onto any kind of Microsoft AD domain. They are very much isolated. I want to use the ACS to do 801.x for the switch points and system boot up. I also want to use them for logging into the routers and switches.

First, can this be done without AD?

Second, what kind of hardware is in the actual ACS Appliance Boxes? Customer is very concerned about using redundant Windows servers.

Third, do I need any kind of agent running on the RedHat boxes to authenticate workstations? I am guessing there is simply a service that I need to enable.

Any help is appreciated.

James

1 REPLY

Re: Cisco ACS Appliance

You need some sort of database for the users. That database can be Windows AD, a local database (stored on the appliance), LDAP, RSA, or another RADIUS server. For a small group, a local user database would be fine (the database can be replicated between ACS SE appliances for redundancy).

The appliance is proprietary Cisco hardware running a closed/hardened version of Windows Server 2003. You can only access the appliance via console serial port, web browser, and SSH/Telnet. There is no keyboard, mouse, monitor, etc.

Don't know about an agent, but if Red Hat includes an 802.1X supplicant with their OS, then you don't need anything else. Most current operating systems include 802.1X capabilities (Windows XP, Vista, 7, MAC OS X, etc.), so I'm guessing the Linux crowd with "enterprise" distribution does, too.

435
Views
0
Helpful
1
Replies
CreatePlease login to create content