beautypg.com

Cisco 3.3 User Manual

Page 292

background image

Chapter 7 User Management

Advanced User Authentication Settings

7-46

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Setting Cisco VPN 5000 Concentrator RADIUS Parameters for a User

The Cisco VPN 5000 Concentrator RADIUS attribute configurations display only
if all the following are true:

A AAA client is configured to use RADIUS (Cisco VPN 5000) in Network
Configuration.

The Per-user TACACS+/RADIUS Attributes check box is selected under
Advanced Options in the Interface Configuration section.

User-level RADIUS (Cisco VPN 5000) attributes you want to apply are
enabled under RADIUS (Cisco VPN 5000) in the Interface Configuration
section.

Cisco VPN 5000 Concentrator RADIUS represents only the Cisco VPN 5000
Concentrator VSA. You must configure both the IETF RADIUS and Cisco VPN
5000 Concentrator RADIUS attributes.

Note

To hide or display Cisco VPN 5000 Concentrator RADIUS attributes, see

Setting

Protocol Configuration Options for Non-IETF RADIUS Attributes, page 3-17

. A

VSA applied as an authorization to a particular user persists, even when you
remove or replace the associated AAA client; however, if you have no AAA
clients of this (vendor) type configured, the VSA settings do not appear in the user
configuration interface.

To configure and enable Cisco VPN 5000 Concentrator RADIUS attributes to be
applied as an authorization for the current user, follow these steps:

Step 1

Perform Step 1 through Step 3 of

Adding a Basic User Account, page 7-4

.

The User Setup Edit page opens. The username being added or edited is at the top
of the page.

Step 2

Before configuring Cisco VPN 5000 Concentrator RADIUS attributes, be sure
your IETF RADIUS attributes are configured properly. For more information
about setting IETF RADIUS attributes, see

Setting IETF RADIUS Parameters for

a User, page 7-38

.