Cisco Systems OL-9971-01 Network Device Searches, Other Features Enabled by System Distribution

Page 6

Chapter 3 Network Configuration

Network Device Searches

Sending the accounting information to the remote AAA server also enables you to use the Max Sessions feature. The Max Sessions feature uses the Start and Stop records in the accounting packet. If the remote AAA server is an ACS and the Max Sessions feature is implemented, you can track the number of sessions that are allowed for each user or group.

You can also choose to have Voice-over-IP (VoIP) accounting information logged remotely, appended to the RADIUS Accounting log, entered in a separate VoIP Accounting log, or both.

Other Features Enabled by System Distribution

Beyond basic proxy and fallback features, configuring an ACS to interact with distributed systems enables several other features that are beyond the scope of this chapter. These features include:

Replication—For more information, see ACS Internal Database Replication, page 8-1.

RDBMS synchronization—For more information, see RDBMS Synchronization, page 8-17.

Remote and centralized logging—For more information, see Remote Logging for ACS for

 

Windows, page 10-9, and Remote Logging for ACS SE with ACS Remote Agents, page 10-10.

Network Device Searches

You can search for any network device that is configured in the Network Configuration section of the ACS web interface.

This section contains the following topics:

Network Device Search Criteria, page 3-6

Searching for Network Devices, page 3-7

Network Device Search Criteria

You can specify search criteria for network device searches. ACS provides the following search criteria:

Name—The name assigned to the network device in ACS. You can use an asterisk (*) as a wildcard character. For example, if you wanted to find all devices with names starting with the letter M, you would enter M* or m*. Name-based searches are case insensitive. If you do not want to search based on device name, you can leave the Name box blank or you can put only an asterisk (*) in the Name box.

IP Address—The IP address specified for the network device in ACS. For each octet in the address, you have three options:

Number—You can specify a number, for example, 10.3.157.98.

Numeric Range—You can specify the low and high numbers of the range in the octet, separated by a hyphen (-), for example, 10.3.157.10-50.

Wildcard—You can use an asterisk (*) to match all numbers in that octet, for example, 10.3.157.*.

ACS allows any octet or octets in the IP Address box to be a number, a numeric range, or an asterisk (*), for example 172.16-31.*.*.

User Guide for Cisco Secure Access Control Server

3-6

OL-9971-01

 

 

Page 5 Page 7
Image 6
Page 5 Page 7
Contents Network Configuration About Network ConfigurationAbout ACS in Distributed Systems AAA Servers in Distributed SystemsDefault Distributed System Settings Proxy FeatureProxy in Distributed Systems Fallback on Failed Connection An ExampleRemote Use of Accounting Packets Character StringOther Features Enabled by System Distribution Network Device SearchesNetwork Device Search Criteria Searching for Network Devices Configuring AAA Clients AAA Client Configuration OptionsNetwork Configuration Configuring AAA Clients Network Configuration Configuring AAA Clients Adding AAA Clients Before You BeginEditing AAA Clients Configuring a Default AAA Client Follow the steps for Adding AAA Clients,Configuring AAA Servers Deleting AAA ClientsAAA Server Configuration Options Adding AAA Servers Editing AAA Servers Configuring Remote Agents ACS Solution Engine Only Deleting AAA ServersRemote Agent Configuration Options About Remote AgentsAdding a Remote Agent Editing a Remote Agent Configuration Deleting a Remote Agent Configuration Configuring Network Device Groups Adding a Network Device Group Assigning an Unassigned AAA Client or AAA Server to an NDG Reassigning AAA Clients or AAA Servers to an NDGEditing a Network Device Group NDG properties are changedConfiguring Proxy Distribution Tables Deleting a Network Device GroupAbout the Proxy Distribution Table Adding a New Proxy Distribution Table EntryNetwork Configuration Configuring Proxy Distribution Tables Editing a Proxy Distribution Table Entry Deleting a Proxy Distribution Table Entry
Top Page Image Contents