Chapter 2
Configuring Authentication and Accounting Services
Configuring the AAA Server
Configuring a TACACS+ Server
Note
Configuring Authentication Settings on the TACACS+ Server
Step 1
Step 2
OL-16202-01
This section describes how to set up a TACACS+ or RADIUS server such as the
Cisco Secure Access Control Server (ACS). It also covers general guidelines for
setting up an LDAP directory server, such as OpenLDAP Software available from
OpenLDAP Project. This section is intended as a guide to help ensure proper
communication with the AAA server and an ACE operating as the AAA client.
For details on configuring the Cisco Secure ACS, OpenLDAP Software, or
another AAA server, see the documentation that is provided with the software.
This section contains the following topics:
Configuring Authentication Settings on the TACACS+ Server
•
Configuring Accounting Settings on the TACACS+ Server
•
Defining Private Attributes for Virtualization Support in a TACACS+ Server
•
For the ACE to properly perform user authentication using a TACACS+ server, the
username and password must be identical on both the ACE and the TACACS+
server.
To configure the TACACS+ authentication settings on Cisco Secure ACS,
perform the following steps:
Go to the Network Configuration section of the Cisco Secure ACS HTML
interface, and then go to the Add AAA Client page.
Configure the following selections:
AAA Client Hostname—Enter the name that you want assigned to the ACE.
•
AAA Client IP Address—Enter the IP address of the Ethernet interface that
•
will be used for communicating with the TACACS+ server.
Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide
Configuring the AAA Server
2-11