Chapter 9 Managing Policy Elements

Managing Authorizations and Permissions

Creating, Duplicating, and Editing Authorization Profiles for Network Access

You create authorization profiles to define how different types of users are authorized to access the network. For example, you can define that a user attempting to access the network over a VPN connection is treated more strictly than a user attempting to access the network through a wired connection.

An authorization profile defines the set of attributes and values that the Access-Accept response returns. You can specify:

Common data, such as VLAN information, URL for redirect, and more. This information is automatically converted to the raw RADIUS parameter information.

RADIUS authorization parameters—You can select any RADIUS attribute and specify the corresponding value to return.
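The conversion of common data into raw RADIUS attributes, shown for a VLAN assignment. This is an added example, not code from the Cisco guide or from ACS. It assumes the standard RFC 3580 VLAN mapping and a tunnel tag of 1; the function names are hypothetical and the exact octets ACS emits may differ.

```python
# RADIUS attribute numbers and values from RFC 2865, RFC 2868 and RFC 3580.
TUNNEL_TYPE, TUNNEL_MEDIUM_TYPE, TUNNEL_PRIVATE_GROUP_ID = 64, 65, 81
VLAN, IEEE_802 = 13, 6

def tlv(attr_type, value):
    """Encode one attribute: Type, Length (header included), Value."""
    if len(value) > 253:
        raise ValueError("attribute value longer than 253 octets")
    return bytes([attr_type, len(value) + 2]) + value

def vlan_to_radius(vlan_id, tag=1):
    """Expand a common VLAN setting into the three raw tunnel attributes."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be in 1..4094")
    if not 1 <= tag <= 0x1F:
        raise ValueError("tunnel tag must be in 1..31")
    t = bytes([tag])  # assumed tag value; 1..31 marks the octet as a tag
    return (tlv(TUNNEL_TYPE, t + VLAN.to_bytes(3, "big"))
            + tlv(TUNNEL_MEDIUM_TYPE, t + IEEE_802.to_bytes(3, "big"))
            + tlv(TUNNEL_PRIVATE_GROUP_ID, t + str(vlan_id).encode()))

def parse_attributes(blob):
    """Split an attribute block into (type, value) pairs, rejecting bad lengths."""
    out, i = [], 0
    while i < len(blob):
        if i + 2 > len(blob):
            raise ValueError("truncated attribute header")
        length = blob[i + 1]
        if length < 2 or i + length > len(blob):
            raise ValueError("invalid attribute length")
        out.append((blob[i], blob[i + 2:i + length]))
        i += length
    return out

def assigned_vlan(blob):
    """Return the VLAN string the block assigns, or None if the triple is incomplete."""
    attrs = dict(parse_attributes(blob))
    tunnel, medium = attrs.get(TUNNEL_TYPE), attrs.get(TUNNEL_MEDIUM_TYPE)
    group = attrs.get(TUNNEL_PRIVATE_GROUP_ID)
    if not (tunnel and medium and group):
        return None
    if int.from_bytes(tunnel[1:], "big") != VLAN or int.from_bytes(medium[1:], "big") != IEEE_802:
        return None
    if group[0] <= 0x1F:  # leading octet is a tunnel tag, not part of the string
        group = group[1:]
    return group.decode("ascii")

# Constructed sample: the attributes for VLAN 120, as they would sit in an Access-Accept.
SAMPLE = vlan_to_radius(120)
```

Running `assigned_vlan` over the attribute block of a captured Access-Accept is one way to confirm that a profile places a session in the VLAN you intended.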

You can duplicate an authorization profile to create a new authorization profile that is the same, or similar to, an existing authorization profile. After duplication is complete, you access each authorization profile (original and duplicated) separately to edit or delete them.

After you create authorization profiles, you can use them as results in network access session authorization policies.

To create, duplicate, or edit an authorization profile:

Step 1 Select Policy Elements > Authorization and Permissions > Network Access > Authorization Profile.

The Authorization Profiles page appears with the fields described in Table 9-3:

Table 9-3 Authorization Profiles Page

Option         Description
Name           List of existing network access authorization definitions.
Description    Display only. The description of the network access authorization definition.

Step 2 Do one of the following:

Click Create.

Check the check box next to the authorization profile that you want to duplicate and click Duplicate.

Click the name that you want to modify; or, check the check box next to the name that you want to modify and click Edit.

The Authorization Profile Properties page appears.

Step 3 Enter valid configuration data in the required fields in each tab. See:

Specifying Authorization Profiles, page 9-19

Specifying Common Attributes in Authorization Profiles, page 9-19

Specifying RADIUS Attributes in Authorization Profiles, page 9-21

Step 4 Click Submit.

The authorization profile is saved. The Authorization Profiles page appears with the authorization profile that you created or duplicated.

 

User Guide for Cisco Secure Access Control System 5.3


OL-24201-01
