beautypg.com

Creating an external policy, Creating an external – Cisco 3.3 User Manual

Page 604

background image

Chapter 14 Network Admission Control

NAC Policies

14-32

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Forwarding Credential Types—Contains two lists for use in specifying
which credential types are forwarded to the external server.

Available Credentials—Specifies the credential types that are not sent
to the external server.

Selected Credentials—Specifies the credential types that are sent to the
external server.

Creating an External Policy

This procedure describes how you can create an external policy.

Before You Begin

Although external policies can be selected for more than one NAC database, the
page for creating an external policy must be accessed through the configuration
pages of a specific NAC database. The NAC database you use to access the
External Policy Configuration page does not limit which NAC databases can
select the new external policy.

For descriptions of the options available on the External Policy Configuration
page, see

External Policy Configuration Options, page 14-29

.

To create an external policy, follow these steps:

Step 1

If you have not already done so, access the External Policy Configuration page.
To do so, follow these steps:

a.

In the navigation bar, click External User Databases.

b.

Click Database Configuration > Network Admission Control.

Cisco Secure ACS displays a list of all possible external user database types.

c.

Select a NAC database from the list of NAC databases and click Configure.

Tip

If there is only one NAC database, no list of databases appears and you
can click Configure.

The Expected Host Configuration page for the selected NAC database
appears. The Credential Validation Policies table lists the policies selected for
this NAC database.