Chapter 3 Network Configuration
Configuring Network Device Groups
Adding a Network Device Group
You can assign users or groups of users to NDGs. For more information, see:
•Setting TACACS+ Enable Password Options for a User, page
•Setting Enable Privilege Options for a User Group, page
To add an NDG:
Step 1 In the navigation bar, click Network Configuration.
The Network Configuration page opens.
Step 2 Under the Network Device Groups table, click Add Entry.
Tip If the Network Device Groups table does not appear, choose Interface Configuration > Advanced Options. Then, choose Network Device Groups.
Step 3 In the Network Device Group Name box, type the name of the new NDG.
Tip The maximum name length is 24 characters. Quotation marks (“) and commas (,) are not allowed. Spaces are allowed.
Step 4 In the Shared Secret box, enter a key for the Network Device Group. The maximum length is 32 characters.
Each device that is assigned to the Network Device Group will use the shared key that you enter here. The key that was assigned to the device when it was added to the system is ignored. If the key entry is null, the AAA client key is used. See AAA Client Configuration Options, page
Step 5 In the RADIUS Key Wrap section, enter the shared secret keys for RADIUS Key Wrap in
Each key must be unique, and must also be distinct from the RADIUS shared key. These shared keys are configurable for each AAA Client, as well as for each NDG. The NDG key configuration overrides the
AAAClient configuration. If the key entry is null, the AAA client key is used. See AAA Client Configuration Options, page
•Key Encryption Key
•Message Authentication Code Key
Note If you leave a key field empty when key wrap is enabled, the key will contain only zeros.
•Key Input
User Guide for Cisco Secure Access Control Server
| ||
|