beautypg.com

Cisco 3.3 User Manual

Page 566

background image

Chapter 13 User Databases

Token Server User Databases

13-82

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

c.

Click Submit.

Cisco Secure ACS lists the new configuration in the External User Database
Configuration table.

Step 5

Under External User Database Configuration, select the name of the
RADIUS-enabled token server you need to configure.

Note

If only one RADIUS-enabled token server configuration exists, the name
of that configuration appears instead of the list. Proceed to

Step 6

.

Step 6

Click Configure.

Step 7

In the RADIUS Configuration table, type the required information in the
following boxes:

Primary Server Name/IP—The hostname or IP address of the primary
RADIUS token server. If you provide the hostname, the hostname must be
resolvable by DNS.

Secondary Server Name/IP—The hostname or IP address of the secondary
RADIUS token server. If you provide the hostname, the hostname must be
resolvable by DNS.

Shared Secret—The shared secret of the RADIUS server. This must be
identical to the shared secret with which the RADIUS token server is
configured.

Authentication Port—The UDP port over which the RADIUS server
conducts authentication sessions. If the RADIUS token server is installed on
the same Windows server as Cisco Secure ACS, this port should not be the
same port used by Cisco Secure ACS for RADIUS authentication. For more
information about the ports used by Cisco Secure ACS for RADIUS, see

RADIUS, page 1-7

.

Note

For Cisco Secure ACS to send RADIUS OTP messages to a
RADIUS-enabled token server, you must ensure that gateway devices
between the RADIUS-enabled token server and Cisco Secure ACS
allow communication over the UDP port specified in the
Authentication Port box.