Case Studies


This case study goes through the configuration of User Authentication for managing Common Services using a Local database and an AAA Server.

Work through the following steps to authenticate the user against the local database:

Step 1.

Select Server Configuration>Setup>Security>Select Login Module.

Step 2.

Click CiscoWorks Local in the available module field. Then click Next.

Step 3.

Click False in the debug field unless additional debug log files are needed.

Step 4.

Click Finish.

The next time a user logs in, Common Services local login module will be used.

If you decide at this time to perform user authentication using a TACACS+ server, work through the following steps:

Step 1.

Select Server Configuration>Setup>Security>Select Login Module.

Step 2.

Select TACACS+ for Login Module.

Step 3.

Click Next.

Step 4.

Specify the IP address and the Key for the TACACS+ server. For Login fallback options, select the second radio button to enable the admin user to log in the event when TACACS+ server is unreachable.

Step 5.

Click Finish.

It is important to synchronize to authentication server to use the AAA server for user authentication. Work through the following steps to perform this task:

Step 1.

Go to VPN/Security Management Solution > Administration > Common Services > Configuration > AAA Server.

Step 2.

Click the Synchronize button. This will clear the previous server information.

Step 3.

Select the ACS option under "AAA Server Info." AAA server details will be populated automatically from the previous AAA server definition. Under Login, define Administrator Name and password along with the Shared Secret Key.

Then either click on Finish to save the configuration, or optionally, if you want to perform authorization for different MCs, then on the same page, click on Register. Then move Available Application to Selected Application. Then click OK. This will push the Authorization parameters for the MCs selected to the AAA server so that authorization can be turned on by CS ACS.

The following are the configuration steps required on the Cisco Secure ACS server for CiscoWorks Common Services Authentication:

Step 1.

On CS ACS GUI, go to Administration Control > Add Administrator. Create an administrator account for Common Services. This administrator account is used by the CiscoWorks Common Services to complete the registration process, which is required to turn on authorization for different MCs.

Step 2.

Configure CiscoWorks Common Services as an AAA client on the CS ACS Server by going to the NAS Configuration page on CS ACS GUI.

Step 3.

Add a user account and map these users to their corresponding groups.

Step 4.

Edit the group to which the users belong, and select the authorization parameter for the corresponding MCs.



Cisco Network Security Troubleshooting Handbook
Cisco Network Security Troubleshooting Handbook
ISBN: 1587051893
EAN: 2147483647
Year: 2006
Pages: 190
Authors: Mynul Hoda

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net