Chapter 18 Managing System Administration Configurations

Managing Dictionaries

RADIUS (RedCreek)

RADIUS (US Robotics)

TACACS+

 

 

To view and choose attributes from a protocol dictionary, select System Administration >

 

 

Configuration > Dictionaries > Protocols; then choose a dictionary.

 

 

The Dictionary page appears with a list of available attributes as shown in Table 18-7:

Table 18-7

Protocols Dictionary Page

 

 

 

Option

 

Description

 

 

 

Attribute

 

Name of the attribute.

 

 

 

ID

 

(RADIUS only) The VSA ID.

 

 

 

Type

 

Data type of the attribute.

 

 

 

Direction

 

(RADIUS only) Specifies where the attribute is in use: in the request, in the response, or both. Single

 

 

or bidirectional authentication.

 

 

Multiple Allowed

(RADIUS only) Multiple attributes are allowed. Attributes that specify multiple allowed can be used

 

 

more than once in one request or response.

 

 

 

 

 

Use the arrows to scroll through the attribute list.

 

 

ACS 5.3 also supports RADIUS vendor-specific attributes (VSAs). A set of predefined RADIUS VSAs

 

 

are available. You can define additional vendors and attributes from the ACS web interface. You can

 

 

create, edit, or delete RADIUS VSAs.

 

 

After you have defined new VSAs, you can use them in policies, authorization profiles, and RADIUS

 

 

token servers in the same way as predefined VSAs. For more information, see:

 

 

RADIUS VSAs, page A-6.

 

 

Creating, Duplicating, and Editing RADIUS Vendor-Specific Attributes, page 18-6

Creating, Duplicating, and Editing RADIUS Vendor-Specific Attributes

Vendor-Specific Attributes (VSAs) allow vendors to create extension to the RADIUS attributes. The vendors have a specific vendor number assigned to them. VSAs are attributes that contain subattributes. ACS 5.3 allows you to create, duplicate, or edit RADIUS VSA (VSAs). To do this:

Some of the internally used attributes cannot be modified.

You cannot modify an attribute’s type if the attribute is used by any policy or policy element.

Step 1 Choose System Administration > Configuration > Dictionaries > Protocols > RADIUS VSA.

Step 2 Do one of the following:

Click Create.

Check the check box next to the RADIUS VSA that you want to duplicate, then click Duplicate.

Check the check box next to the RADIUS VSA that you want to edit, then click Edit.

The Create RADIUS VSA page appears. Modify the fields as described in Table 18-8.

 

User Guide for Cisco Secure Access Control System 5.3

18-6

OL-24201-01

Page 519 Page 521
Page 520
Image 520
Cisco Systems OL-24201-01 manual Radius VSAs, page A-6, 18-6
Page 519 Page 521
Top Page Image Contents