To Next PageTo Next PageWhat to check if dial-in user cannot connect to AAA client using CiscoSecure database in Cisco Secure ACS Software?
If a dial-in user cannot connect to the AAA client, the CiscoSecure user database is used for authentication, and a record of a failed attempt is in the Failed Attempts Report in Cisco Secure ACS Software, confirm that the username has been entered into Cisco Secure ACS.
What to do if browser displays Java message that session connection is lost in Cisco Secure ACS Software?
If your browser displays a Java message indicating that your session connection is lost with Cisco Secure ACS Software, check the idle timeout value for remote administrators in the Administration Control window and increase it as needed.
Why is external user database not available in Group Mapping section of Cisco Secure ACS Software?
If the external user database is not available in the Group Mapping section of Cisco Secure ACS Software, the external database might not be configured in External User Databases, or the username and password may have been entered incorrectly. To solve this, click the relevant external database to configure and ensure the username and password are correct.
How to fix user authentication failure when using PAP in Cisco Secure ACS Software?
If user authentication fails when using PAP in Cisco Secure ACS Software, and the Failed Attempts report indicates outbound PAP is in use, go to Interface Configuration and select the Per-User Advanced TACACS+ Features check box.
How to manually restart services in Cisco Secure ACS Software?
If the 'Restart Services' function isn't working in Cisco Secure ACS Software and the system isn't responding, you can manually restart the services. From the Windows Start menu, go to Control Panel > Services. Locate CSAdmin, click 'Stop,' and then click 'Start'.
What to do if Database Replication is not operating properly in Cisco Secure ACS Software?
If database replication is not operating correctly in Cisco Secure ACS Software, check the following: * Ensure that the server is correctly set as either Send or Receive. * On the sending server, verify that the receiving server is in the Replication list. * On the receiving server, confirm that the sending server is selected in the Accept Replication from list. * Make sure that the replication schedule on the sending Cisco Secure ACS is not conflicting with the replication schedule on the receiving Cisco Secure ACS.
How to fix 'DelsL1.isu' error when upgrading/uninstalling Cisco Secure ACS Software?
If you encounter the error message 'The following file is invalid or the data is corrupted “DelsL1.isu”' when upgrading or uninstalling Cisco Secure ACS Software, delete the following Registry key from the Windows Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CiscoSecure
Why dial-in user cannot connect to AAA client when Telnet connection is authenticated across LAN in Cisco Secure ACS Software?
If a dial-in user is unable to connect to the AAA client, but a Telnet connection can be authenticated across the LAN using Cisco Secure ACS Software, the issue likely lies in one of these areas: * Line/modem configuration problem. Review the documentation that came with your modem and verify that the modem is properly configured.
What to check if dial-in user cannot connect to AAA client using Windows NT/2000 database in Cisco Secure ACS Software?
If a dial-in user is unable to connect to the AAA client, the Windows NT/2000 user database is being used for authentication, and a record of a failed attempt appears in the Failed Attempts Report in Cisco Secure ACS Software, confirm the following from the Windows NT User Manager or Windows 2000 Active Directory Users and Computers: * The username and password are configured in the Windows NT User Manager or Windows 2000 Active Directory Users and Computers.
Why user authorizations are different from expected in Cisco Secure ACS Software?
If a user can authenticate but authorizations are different than expected in Cisco Secure ACS Software, ensure the user settings reflect the correct vendor protocol; for example, Cisco RADIUS.
Cisco Secure ACS provides authentication, authorization, and accounting (AAA) services to network devices.
Compares TACACS+ and RADIUS protocols, including transmission protocol, ports, architecture, and intended purpose.
This section discusses the Cisco Secure ACS HTML interface and provides procedures for using it.
Details the minimum hardware, operating system, third-party software, and network requirements for deploying Cisco Secure ACS.
Presents basic factors to consider before implementing Cisco Secure ACS, including network topology and security policy.
Enables adding or editing up to five fields for recording information on each user.
Determines which advanced features Cisco Secure ACS displays, allowing simplification of pages by hiding unused features.
Details the configuration of the Cisco Secure ACS HTML interface for TACACS+ settings, enabling display or hiding of options.
Allows customization of displayed RADIUS attributes to simplify setup for users or groups.
A powerful feature enabling authentication in networks with multiple AAA servers by forwarding requests.
Enables Cisco Secure ACS to interact with network devices, ensuring correct configuration for AAA services.
Presents procedures for configuring AAA servers in the Cisco Secure ACS HTML interface.
An advanced feature to view and administer a collection of network devices as a single logical group.
Allows configuration of proxy capabilities, including domain stripping, for distributed systems.
Describes downloadable PIX ACLs and provides detailed instructions for configuring and managing them.
Describes network access restrictions (NARs) and provides detailed instructions for configuring and managing shared NARs.
Provides a central mechanism to control authorization of each command on each network device.
Details procedures typically performed regardless of specific network security configuration.
Information and procedures for basic settings and options when configuring a user account.
Details the minimum steps necessary to add a new user account to the CiscoSecure user database.
Details steps for configuring user-level TACACS+ and RADIUS enable parameters.
Provides basic status information about services and enables configuration of service log files.
Configures settings for managing passwords stored in the CiscoSecure user database, including validation options.
Provides information about database replication, including procedures for implementation and configuration.
Information about the RDBMS Synchronization feature, including procedures for implementation.
Information about the Cisco Secure ACS Backup feature, including procedures for implementation.
Information about restoring Cisco Secure ACS from a backup file.
An application-specific service monitoring tool tightly integrated with ACS.
Information about the IP Pools feature, including procedures for creating and maintaining IP pools.
Enables recovery of assigned IP addresses not used for a specified period.
Provides information on installing server certificates, CA certificates, and managing the certificate trust list.
Specifies settings for all EAP and MS-CHAP authentication requests.
Provides procedures for enabling, disabling, viewing, and configuring CSV logs.
Details procedures for preparing for and configuring ODBC logging.
Discusses remote logging capabilities, including centralizing accounting logs from multiple Cisco Secure ACSes.
Provides details about Cisco Secure ACS administrators and their unique accounts.
Details the steps to add a Cisco Secure ACS administrator account.
Affects access to the Cisco Secure ACS HTML interface, allowing limits by IP address, TCP port, and SSL.
Controls various aspects of Cisco Secure ACS administrative sessions, including idle timeout and auto login.
Details how to configure Cisco Secure ACS to use a Windows NT/2000 user database for authentication.
Explains Cisco Secure ACS support for authentication via generic Lightweight Directory Access Protocol (LDAP) databases.
Details support for ODBC-compliant relational databases for user records.
Defines how Cisco Secure ACS handles users not listed in its database by forwarding requests to external databases.
Enables association of unknown users with Cisco Secure ACS groups for assigning authorization profiles.
Maps Windows NT/2000, Novell NDS, or generic LDAP groups to Cisco Secure ACS groups.
Explains how to create a system backup of all Cisco Secure ACS internal data using the -b option.
Describes how to restore all Cisco Secure ACS internal data using the -r option.
Details the steps to create a CiscoSecure user database using the -n option.
General