Chapter 4 Common Scenarios Using ACS

Password-Based Network Access

Password-Based Network Access Configuration Flow

This topic describes the end-to-end flow for password-based network access and lists the tasks that you must perform. The information about how to configure the tasks is located in the relevant task chapters.

To configure password-based network access:

Step 1 Configure network devices and AAA clients.

a. In the Network Devices and AAA Clients, page 7-5, configure the Authentication Setting as RADIUS.

b. Enter the Shared Secret.

See Network Devices and AAA Clients, page 7-5, for more information.

Step 2 Configure the users and identity stores. For more information, see Chapter 8, “Managing Users and Identity Stores.”

Step 3 Define policy conditions and authorization profiles. For more information, see Chapter 9, “Managing Policy Elements.”

Step 4 Define an access service. For more information, see Creating, Duplicating, and Editing Access Services, page 10-12.

a. Set the Access Service Type to Network Access.

b. Select one of the ACS-supported protocols in the Allowed Protocols Page and follow the steps in the Action column in Table 4-1.

Step 5 Add the access service to your service selection policy. For more information, see Creating, Duplicating, and Editing Service Selection Rules, page 10-8.

Step 6 Return to the service that you created and in the Authorization Policy Page, define authorization rules. For more information, see Configuring Access Service Policies, page 10-21.

Table 4-1    Network Access Authentication Protocols

Protocol                     Action

Process Host Lookup (MAB)    In the Allowed Protocols Page, choose Process Host Lookup.

RADIUS PAP                   In the Allowed Protocols Page, choose Allow PAP/ASCII.

RADIUS CHAP                  In the Allowed Protocols Page, choose Allow CHAP.

RADIUS MSCHAPv1              In the Allowed Protocols Page, choose Allow MS-CHAPv1.

RADIUS MSCHAPv2              In the Allowed Protocols Page, choose Allow MS-CHAPv2.

EAP-MD5                      In the Allowed Protocols Page, choose Allow EAP-MD5.

LEAP                         In the Allowed Protocols Page, choose Allow LEAP.

 

 

 

User Guide for Cisco Secure Access Control System 5.3

 

OL-24201-01
