Cisco Systems Servers Benutzerhandbuch
Chapter 1 Overview of Cisco Secure ACS
Cisco Secure ACS HTML Interface
1-24
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Uniform Resource Locator for the HTML Interface
The HTML interface is available by web browser at one of the following uniform
resource locators (URLs):
resource locators (URLs):
•
http://Windows server IP address:2002
•
http://Windows server host name:2002
From the server on which Cisco Secure ACS is installed, you can also use the
following URLs:
following URLs:
•
http://localhost:2002
•
http://127.0.0.1:2002
Network Environments and Remote Administrative Sessions
We recommend that remote administrative sessions take place without the use of
an HTTP proxy server, without a firewall between the remote browser and the
Cisco Secure ACS server, and without a NAT gateway between the remote
browser and the Cisco Secure ACS server. Because these limitations are not
always practical, we included the following topics regarding these remote
administration scenarios.
an HTTP proxy server, without a firewall between the remote browser and the
Cisco Secure ACS server, and without a NAT gateway between the remote
browser and the Cisco Secure ACS server. Because these limitations are not
always practical, we included the following topics regarding these remote
administration scenarios.
Remote Administrative Sessions and HTTP Proxy
Cisco Secure ACS does not support HTTP proxy for remote administrative
sessions. If the browser used for a remote administrative session is configured to
use a proxy server, Cisco Secure ACS sees the administrative session originating
from the IP address of the proxy server rather than the actual address of the remote
workstation. Remote administrative session tracking assumes each browser
resides on a workstation with a unique IP.
sessions. If the browser used for a remote administrative session is configured to
use a proxy server, Cisco Secure ACS sees the administrative session originating
from the IP address of the proxy server rather than the actual address of the remote
workstation. Remote administrative session tracking assumes each browser
resides on a workstation with a unique IP.
Also, IP filtering of proxied administrative sessions has to be based on the IP
address of the proxy server rather than the IP address of the workstation. This
conflicts with administrative session communication that does use the actual IP
address of the workstation. For more information about IP filtering of remote
administrative sessions, see the
address of the proxy server rather than the IP address of the workstation. This
conflicts with administrative session communication that does use the actual IP
address of the workstation. For more information about IP filtering of remote
administrative sessions, see the