Overview of CiscoSecure Access Control Server

Until this point, we have discussed the commands to implement AAA services on a router and how to define a AAA server on the router. We now discuss the Cisco AAA server, which is CSACS. CSACS is a comprehensive identity networking solution; it is a highly scalable, high-performance access-control server that provides for centralized management of a user access-control framework. You configure CSACS using a Web-based, graphical interface.

Figure 5.5 displays the CSACS main window after you successfully log in to the server. To configure specific components , simply click on one of the icons on the left side of the window.

You must specify the port number 2002 when connecting to the ACS. If you do not, you will not get to the ACS login screen. An example of the URL is http://30.100.99.86:2002 .

If you are unfamiliar with which AAA service provides for identity, re-read the section "Configuring AAA Authentication." One of the main purposes of the CSACS product is to provide identity services.

The premier identity product for Cisco is CSACS. You use CSACS to ensure that users are who they say they are.

With CSACS, you can run TACACS+ services, RADIUS services, or both services on CSACS simultaneously .

Remember, it is important that you configure the AAA server first and then configure the router so that you do not get locked out of the router.