To Next PageTo Next PageWhy administrator is not receiving e-mail from Cisco Secure ACS Software?
If the administrator configured for event notification isn't receiving emails from Cisco Secure ACS Software, verify that the SMTP server name is correct. If the name is correct, ensure that the Cisco Secure ACS server can ping the SMTP server or send emails via a third-party email software. Also, confirm that you have not used underscores in the email address.
What to do if browser displays Java message that session connection is lost in Cisco Secure ACS Software?
If your browser displays a Java message indicating that your session connection is lost with Cisco Secure ACS Software, check the idle timeout value for remote administrators in the Administration Control window and increase it as needed.
Why is external user database not available in Group Mapping section of Cisco Secure ACS Software?
If the external user database is not available in the Group Mapping section of Cisco Secure ACS Software, the external database might not be configured in External User Databases, or the username and password may have been entered incorrectly. To solve this, click the relevant external database to configure and ensure the username and password are correct.
How to fix user authentication failure when using PAP in Cisco Secure ACS Software?
If user authentication fails when using PAP in Cisco Secure ACS Software, and the Failed Attempts report indicates outbound PAP is in use, go to Interface Configuration and select the Per-User Advanced TACACS+ Features check box.
How to manually restart services in Cisco Secure ACS Software?
If the 'Restart Services' function isn't working in Cisco Secure ACS Software and the system isn't responding, you can manually restart the services. From the Windows Start menu, go to Control Panel > Services. Locate CSAdmin, click 'Stop,' and then click 'Start'.
What to do if Database Replication is not operating properly in Cisco Secure ACS Software?
If database replication is not operating correctly in Cisco Secure ACS Software, check the following: * Ensure that the server is correctly set as either Send or Receive. * On the sending server, verify that the receiving server is in the Replication list. * On the receiving server, confirm that the sending server is selected in the Accept Replication from list. * Make sure that the replication schedule on the sending Cisco Secure ACS is not conflicting with the replication schedule on the receiving Cisco Secure ACS.
Why Cisco IOS commands are not being denied in Cisco Secure ACS Software?
If Cisco IOS commands are not being denied when checked in Cisco Secure ACS Software, examine the Cisco IOS configuration at the AAA client. If not present, add the command: aaa authorization command default group TACACS+. Ensure the correct syntax for arguments in the text box is permitargument or denyargument.
How to fix AAA client timeout when authenticating against Windows NT/2000 in Cisco Secure ACS Software?
If the AAA client times out when authenticating against Windows NT/2000 using Cisco Secure ACS Software, increase the TACACS+ timeout interval from the default of 5 to 20. Set the Cisco IOS command as follows: tacacs-server timeout 20
What causes external user database unavailability in Group Mapping section of Cisco Secure ACS Software?
If the external user database is not available in the Group Mapping section of Cisco Secure ACS Software, the external database might not be configured in External User Databases, or the username and password may have been entered incorrectly. To resolve this, click the applicable external database to configure. Make sure the username and password are correct.
Why user authorizations are different from expected in Cisco Secure ACS Software?
If a user can authenticate but authorizations are different than expected in Cisco Secure ACS Software, ensure the user settings reflect the correct vendor protocol; for example, Cisco RADIUS.
Cisco Secure ACS provides authentication, authorization, and accounting (AAA) services to network devices.
Compares TACACS+ and RADIUS protocols, including transmission protocol, ports, architecture, and intended purpose.
This section discusses the Cisco Secure ACS HTML interface and provides procedures for using it.
Details the minimum hardware, operating system, third-party software, and network requirements for deploying Cisco Secure ACS.
Presents basic factors to consider before implementing Cisco Secure ACS, including network topology and security policy.
Enables adding or editing up to five fields for recording information on each user.
Determines which advanced features Cisco Secure ACS displays, allowing simplification of pages by hiding unused features.
Details the configuration of the Cisco Secure ACS HTML interface for TACACS+ settings, enabling display or hiding of options.
Allows customization of displayed RADIUS attributes to simplify setup for users or groups.
A powerful feature enabling authentication in networks with multiple AAA servers by forwarding requests.
Enables Cisco Secure ACS to interact with network devices, ensuring correct configuration for AAA services.
Presents procedures for configuring AAA servers in the Cisco Secure ACS HTML interface.
An advanced feature to view and administer a collection of network devices as a single logical group.
Allows configuration of proxy capabilities, including domain stripping, for distributed systems.
Describes downloadable PIX ACLs and provides detailed instructions for configuring and managing them.
Describes network access restrictions (NARs) and provides detailed instructions for configuring and managing shared NARs.
Provides a central mechanism to control authorization of each command on each network device.
Details procedures typically performed regardless of specific network security configuration.
Information and procedures for basic settings and options when configuring a user account.
Details the minimum steps necessary to add a new user account to the CiscoSecure user database.
Details steps for configuring user-level TACACS+ and RADIUS enable parameters.
Provides basic status information about services and enables configuration of service log files.
Configures settings for managing passwords stored in the CiscoSecure user database, including validation options.
Provides information about database replication, including procedures for implementation and configuration.
Information about the RDBMS Synchronization feature, including procedures for implementation.
Information about the Cisco Secure ACS Backup feature, including procedures for implementation.
Information about restoring Cisco Secure ACS from a backup file.
An application-specific service monitoring tool tightly integrated with ACS.
Information about the IP Pools feature, including procedures for creating and maintaining IP pools.
Enables recovery of assigned IP addresses not used for a specified period.
Provides information on installing server certificates, CA certificates, and managing the certificate trust list.
Specifies settings for all EAP and MS-CHAP authentication requests.
Provides procedures for enabling, disabling, viewing, and configuring CSV logs.
Details procedures for preparing for and configuring ODBC logging.
Discusses remote logging capabilities, including centralizing accounting logs from multiple Cisco Secure ACSes.
Provides details about Cisco Secure ACS administrators and their unique accounts.
Details the steps to add a Cisco Secure ACS administrator account.
Affects access to the Cisco Secure ACS HTML interface, allowing limits by IP address, TCP port, and SSL.
Controls various aspects of Cisco Secure ACS administrative sessions, including idle timeout and auto login.
Details how to configure Cisco Secure ACS to use a Windows NT/2000 user database for authentication.
Explains Cisco Secure ACS support for authentication via generic Lightweight Directory Access Protocol (LDAP) databases.
Details support for ODBC-compliant relational databases for user records.
Defines how Cisco Secure ACS handles users not listed in its database by forwarding requests to external databases.
Enables association of unknown users with Cisco Secure ACS groups for assigning authorization profiles.
Maps Windows NT/2000, Novell NDS, or generic LDAP groups to Cisco Secure ACS groups.
Explains how to create a system backup of all Cisco Secure ACS internal data using the -b option.
Describes how to restore all Cisco Secure ACS internal data using the -r option.
Details the steps to create a CiscoSecure user database using the -n option.
General