beautypg.com

Cisco 3.3 User Manual

Page 561

background image

13-77

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Chapter 13 User Databases

LEAP Proxy RADIUS Server Database

Step 7

In the following boxes, type the required information:

Primary Server Name/IP—IP address of the primary proxy RADIUS server.

Secondary Server Name/IP—IP address of the secondary proxy RADIUS
server.

Shared Secret—The shared secret of the proxy RADIUS server. This must
be identical to the shared secret with which the proxy RADIUS server is
configured.

Authentication Port—The UDP port over which the proxy RADIUS server
conducts authentication sessions. If the LEAP Proxy RADIUS server is
installed on the same Windows server as Cisco Secure ACS, this port should
not be the same port used by Cisco Secure ACS for RADIUS authentication.
For more information about the ports used by Cisco Secure ACS for
RADIUS, see

RADIUS, page 1-7

.

Timeout (seconds):—The number of seconds Cisco Secure ACS waits
before sending notification to the user that the authentication attempt has
timed out.

Retries—The number of authentication attempts Cisco Secure ACS makes
before failing over to the secondary proxy RADIUS server.

Failback Retry Delay (minutes)—The number of minutes after which
Cisco Secure ACS attempts authentications using a failed primary proxy
RADIUS server.

Note

If both the primary and the secondary servers fail, Cisco Secure ACS
alternates between both servers until one responds.

Step 8

Click Submit.

Cisco Secure ACS saves the proxy RADIUS token server database configuration
you created. You can add it to your Unknown User Policy or assign specific user
accounts to use this database for authentication. For more information about the
Unknown User Policy, see

About Unknown User Authentication, page 15-4

. For

more information about configuring user accounts to authenticate using this
database, see

Chapter 7, “User Management”

.