Cisco Cisco NAC Appliance 4.1.0
8-11
Cisco NAC Appliance - Clean Access Server Installation and Administration Guide
OL-12213-01
Chapter 8 Integrating with Cisco VPN Concentrators
Configure Clean Access for VPN Concentrator Integration
Figure 8-9
Add New Auth Server (in CAM)
2.
Choose Cisco VPN SSO from the Authentication Type dropdown menu.
3.
The Provider Name is set by default to Cisco VPN.
4.
From the Default Role dropdown, choose the user role you want VPN client users to be assigned to
for the Clean Access process.
for the Clean Access process.
5.
Enter an optional Description to identify the VPN concentrator in the list of auth servers
6.
Click Add Server.
The new Cisco VPN SSO auth server appears under User Management > Auth Servers > List of
Servers.
Servers.
•
Click the Edit button (
) next to the auth server to modify settings.
•
Click the Mapping button (
) next to the auth server to configure RADIUS attribute-based
mapping rules for Cisco VPN SSO.
See the Cisco NAC Appliance - Clean Access Manager Installation and Administration Guide for further
details.
details.
Create (Optional) Auth Server Mapping Rules
For the Cisco VPN SSO type, you can create mapping rules based on the RADIUS Auth Server attributes
that are passed from the VPN Concentrator to map users into roles. The following RADIUS attributes
can be used to configure Cisco VPN SSO mapping rules:
that are passed from the VPN Concentrator to map users into roles. The following RADIUS attributes
can be used to configure Cisco VPN SSO mapping rules:
•
Class
•
Framed_IP_Address
•
NAS_IP_Address
•
NAS_Port
•
NAS_Port_Type
•
User_Name
•
Tunnel_Client_Endpoint
•
Service_Type
•
Framed_Protocol
•
Acct_Authentic