Cisco Systems CSACS3415K9 Manual De Usuario
4-7
User Guide for Cisco Secure Access Control System 5.4
OL-26225-01
Chapter 4 Common Scenarios Using ACS
Password-Based Network Access
Password-Based Network Access Configuration Flow
This topic describes the end-to-end flow for password-based network access and lists the tasks that you
must perform. The information about how to configure the tasks is located in the relevant task chapters.
must perform. The information about how to configure the tasks is located in the relevant task chapters.
To configure password-based network access:
Step 1
Configure network devices and AAA clients.
a.
In the
, configure the Authentication Setting as
RADIUS.
b.
Enter the Shared Secret.
See
, for more information.
Step 2
Configure the users and identity stores. For more information, see
Step 3
Step 4
Define an access service. For more information, see
a.
Set the Access Service Type to Network Access.
b.
Select one of the ACS-supported protocols in the Allowed Protocols Page and follow the steps in
the Action column in
the Action column in
.
Step 5
Add the access service to your service selection policy. For more information, see
Step 6
Return to the service that you created and in the Authorization Policy Page, define authorization rules.
For more information, see
For more information, see
.
Table 4-1
Network Access Authentication Protocols
Protocol
Action
Process Host Lookup
(MAB)
(MAB)
In the Allowed Protocols Page, choose Process Host Lookup.
RADIUS PAP
In the Allowed Protocols Page, choose Allow PAP/ASCII.
RADIUS CHAP
In the Allowed Protocols Page, choose Allow CHAP.
RADIUS MSCHAPv1
In the Allowed Protocols Page, choose Allow MS-CHAPv1.
RADIUS MSCHAPv2
In the Allowed Protocols Page, choose Allow MS-CHAPv2.
EAP-MD5
In the Allowed Protocols Page, choose Allow EAP-MD5.
LEAP
In the Allowed Protocols Page, choose Allow LEAP.