Cisco Systems CSACS3415K9 Manual De Usuario
4-6
User Guide for Cisco Secure Access Control System 5.4
OL-26225-01
Chapter 4 Common Scenarios Using ACS
Password-Based Network Access
Note
During password-based access (or certificate-based access), the user is not only authenticated but also
authorized according to the ACS configuration. And if NAS sends accounting requests, the user is also
accounted.
authorized according to the ACS configuration. And if NAS sends accounting requests, the user is also
accounted.
ACS supports the following password-based authentication methods:
•
Plain RADIUS password authentication methods
–
RADIUS-PAP
–
RADIUS-CHAP
–
RADIUS-MSCHAPv1
–
RADIUS-MSCHAPv2
•
RADIUS EAP-based password authentication methods
–
PEAP-MSCHAPv2
–
PEAP-GTC
–
EAP-FAST-MSCHAPv2
–
EAP-FAST-GTC
–
EAP-MD5
–
LEAP
You must choose the authentication method based on the following factors:
•
The network access server—Wireless access points, 802.1X authenticating switches, VPN servers,
and so on.
and so on.
•
The client computer and software—EAP supplicant, VPN client, and so on.
•
The identity store that is used to authenticate the user—Internal or External (AD, LDAP, RSA token
server, or RADIUS identity server).
server, or RADIUS identity server).
Related Topics
•
•
•
•