Chapter 7 Managing Network Resources

Configuring a Default Network Device

Choose Network Resources > Default Network Device to configure the default network device. The Default Network Device page appears, displaying the information described in Table 7-6.

Table 7-6 Default Network Device Page

| Option | Description |
| --- | --- |
| Default Network Device | The default device definition can optionally be used in cases where no specific device definition is found that matches a device IP address. |
| Default Network Device Status | Choose Enabled from the drop-down list box to move the default network device to the active state. |
| Network Device Groups | |
| Location | Click Select to display the Network Device Groups selection box. Click the radio button next to the Location network device group you want to associate with the network device. See Creating, Duplicating, and Editing Network Device Groups, page 7-2, for information about creating network device groups. |
| Device Type | Click Select to display the Network Device Groups selection box. Click the radio button next to the Device Type network device group you want to associate with the network device. See Creating, Duplicating, and Editing Network Device Groups, page 7-2, for information about creating network device groups. |
| Authentication Options | |
| TACACS+ | Check to use the Cisco IOS TACACS+ protocol to authenticate communication to and from the network device. You must use this option if the network device is a Cisco device-management application, such as Management Center for Firewalls. You should use this option when the network device is a Cisco access server, router, or firewall. |
| Shared Secret | Shared secret of the network device, if you enabled the TACACS+ protocol. A shared secret is an expected string of text, which a user must provide before the network device authenticates a username and password. The connection is rejected until the user supplies the shared secret. |
| Single Connect Device | Check to use a single TCP connection for all TACACS+ communication with the network device. Choose one: Legacy TACACS+ Single Connect Support, or TACACS+ Draft Compliant Single Connect Support. If you disable this option, ACS uses a new TCP connection for every TACACS+ request. |
| RADIUS | Check to use the RADIUS protocol to authenticate communication to and from the network device. |
| Shared Secret | Shared secret of the network device, if you have enabled the RADIUS protocol. A shared secret is an expected string of text, which a user must provide before the network device authenticates a username and password. The connection is rejected until the user supplies the shared secret. |
| CoA Port | Used to set up the RADIUS CoA port for session directory, for user authentication. This session directory can be launched from the Monitoring and Troubleshooting Viewer page. By default, the CoA port value is filled as 1700. |
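The fallback described for the Default Network Device option means any source address without its own definition is handled with the default device's shared secret. The following added example (not from the Cisco guide) models that lookup to list which request sources only the default device would accept; the inventory, the source addresses, the `DEFAULT` label and the longest-prefix tie-break are assumptions made for illustration.

```python
import ipaddress
from collections import Counter

# Constructed inventory: explicit network device definitions (name -> IP or subnet).
DEVICES = {
    "core-rtr-1": "10.0.0.1/32",
    "branch-switches": "10.20.0.0/24",
    "edge-fw": "192.0.2.10/32",
}

# Constructed source addresses of AAA requests, as they might be pulled from logs.
REQUEST_SOURCES = [
    "10.0.0.1", "10.20.0.15", "10.20.1.7", "192.0.2.10",
    "198.51.100.23", "10.20.1.7", "10.20.0.200",
]


def match_device(ip, devices, default_enabled=True):
    """Return the name of the definition that would handle a request from ip.

    Explicit definitions are tried first. When several match, the most
    specific (longest prefix) wins; that tie-break is an assumption of this
    sketch. With no explicit match, the default network device applies if it
    is enabled; otherwise nothing matches and None is returned.
    """
    addr = ipaddress.ip_address(ip)
    best = None  # (name, prefix length) of the best explicit match so far
    for name, cidr in devices.items():
        net = ipaddress.ip_network(cidr, strict=False)
        if addr in net and (best is None or net.prefixlen > best[1]):
            best = (name, net.prefixlen)
    if best is not None:
        return best[0]
    return "DEFAULT" if default_enabled else None


def default_fallbacks(sources, devices):
    """Count requests per source IP that only the default device would accept."""
    return Counter(ip for ip in sources if match_device(ip, devices) == "DEFAULT")


if __name__ == "__main__":
    for ip, count in default_fallbacks(REQUEST_SOURCES, DEVICES).most_common():
        print(f"{ip}: {count} request(s) matched only the default network device")
```

Sources reported here are candidates for an explicit device definition with their own shared secret and device groups.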

User Guide for Cisco Secure Access Control System 5.3
7-18
OL-24201-01