Cisco Systems Servers Manuale Utente
8-53
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Chapter 8 Establishing Cisco Secure ACS System Configuration
IP Pools Server
To use IP pools, the AAA client must have network authorization (
aaa
authorization network
) and accounting (
aaa accounting
) enabled.
Note
To use the IP Pools feature, you must set up your AAA client to perform
authentication and accounting using the same protocol—either TACACS+ or
RADIUS.
authentication and accounting using the same protocol—either TACACS+ or
RADIUS.
For information on assigning a group or user to an IP pool, see the
or the
.
Allowing Overlapping IP Pools or Forcing Unique Pool Address
Ranges
Ranges
Cisco Secure ACS provides automated detection of overlapping pools.
Note
To use overlapping pools, you must be using RADIUS with virtual private
networking, and you cannot be using Dynamic Host Configuration Protocol
(DHCP).
networking, and you cannot be using Dynamic Host Configuration Protocol
(DHCP).
You can determine whether overlapping IP pools are currently allowed by
checking which button appears below the AAA Server IP Pools table:
checking which button appears below the AAA Server IP Pools table:
•
Allow Overlapping Pool Address Ranges—Indicates that overlapping IP
pool address ranges are currently not allowed. Clicking the button allows IP
address ranges to overlap between pools.
pool address ranges are currently not allowed. Clicking the button allows IP
address ranges to overlap between pools.
•
Force Unique Pool Address Range—Indicates that overlapping IP pool
address ranges are currently allowed. Clicking the button prevents IP address
ranges from overlapping between pools.
address ranges are currently allowed. Clicking the button prevents IP address
ranges from overlapping between pools.