Cisco Systems OL-9971-01 manual About the Proxy Distribution Table

Page 28

Chapter 3 Network Configuration

Configuring Proxy Distribution Tables

About the Proxy Distribution Table

If you enabled the Distributed Systems Settings, when you click Network Configuration, you will see the Proxy Distribution Table.

Tip To enable Distributed Systems Settings in the ACS, choose Interface Configuration > Advanced Options. Then, check the Distributed System Settings check box.

The Proxy Distribution Table includes entries that show the character strings on which to proxy, the

AAAservers to proxy to, whether to strip the character string, and where to send the accounting information (Local/Remote, Remote, or Local). For more information about the proxy feature, see Proxy in Distributed Systems, page 3-3.

The entries that you define and place in the Proxy Distribution Table are treated one at a time for each authentication request that ACS receives from the AAA client. The authentication request is defined in the Proxy Distribution Table according to the forwarding destination. If a match to an entry in the Proxy Distribution Table that contains proxy information is found, ACS forwards the request to the appropriate AAA server.

The Character String column in the Proxy Distribution Table always contains an entry of (Default). The (Default) entry matches authentication requests that are received by the local ACS that do not match any other defined character strings. While you cannot change the character string definition for the (Default) entry, you can change the distribution of authentication requests matching the (Default) entry. At installation, the AAA server associated with the (Default) entry is the local ACS. You might sometimes find it easier to define strings that match authentication requests to be processed locally rather than defining strings that match authentication requests to be processed remotely. In such a case, associating the (Default) entry with a remote AAA server permits you to configure your Proxy Distribution Table with the more easily written entries.

Adding a New Proxy Distribution Table Entry

To create a Proxy Distribution Table entry:

Step 1 In the navigation bar, click Network Configuration.

The Network Configuration page opens.

Step 2 Under the Proxy Distribution Table, click Add Entry.

Note If the Proxy Distribution Table does not appear, choose Interface Configuration > Advanced Options. Then, select the Distributed System Settings check box.

Step 3 In the Character String box, type the string of characters, including the delimiter to forward on when users dial in to be authenticated. For example, .uk.

Note Angle brackets (<>) cannot be used.

Step 4 From the Position list, select Prefix if the character string that you typed appears at the beginning of the username or Suffix if the character string appears at the end of the username.

User Guide for Cisco Secure Access Control Server

3-28

OL-9971-01

 

 

Page 27 Page 29
Image 28
Page 27 Page 29
Contents Network Configuration About Network ConfigurationAbout ACS in Distributed Systems AAA Servers in Distributed SystemsProxy Feature Default Distributed System SettingsProxy in Distributed Systems Fallback on Failed Connection An ExampleRemote Use of Accounting Packets Character StringNetwork Device Searches Other Features Enabled by System DistributionNetwork Device Search Criteria Searching for Network Devices Configuring AAA Clients AAA Client Configuration OptionsNetwork Configuration Configuring AAA Clients Network Configuration Configuring AAA Clients Adding AAA Clients Before You BeginEditing AAA Clients Configuring a Default AAA Client Follow the steps for Adding AAA Clients,Configuring AAA Servers Deleting AAA ClientsAAA Server Configuration Options Adding AAA Servers Editing AAA Servers Configuring Remote Agents ACS Solution Engine Only Deleting AAA ServersRemote Agent Configuration Options About Remote AgentsAdding a Remote Agent Editing a Remote Agent Configuration Deleting a Remote Agent Configuration Configuring Network Device Groups Adding a Network Device Group Assigning an Unassigned AAA Client or AAA Server to an NDG Reassigning AAA Clients or AAA Servers to an NDGEditing a Network Device Group NDG properties are changedConfiguring Proxy Distribution Tables Deleting a Network Device GroupAbout the Proxy Distribution Table Adding a New Proxy Distribution Table EntryNetwork Configuration Configuring Proxy Distribution Tables Editing a Proxy Distribution Table Entry Deleting a Proxy Distribution Table Entry
Top Page Image Contents