Cisco Systems OL-9971-01 About the Proxy Distribution Table, Adding a New Proxy Distribution Table Entry

3-28

User Guide for Cisco Secure Access Control Server

OL-9971-01

Chapter3 Network Configuration

Configuring Proxy Distribution Tables

About the Proxy Distribution Table

If you enabled the Distributed Systems Settings, when you click Network Configuration, you will see

the Proxy Distribution Table.

Tip To enable Distributed Systems Settings in the ACS, chooseInterface Configuration > Advanced

Options. Then, check the Distributed System Settings check box.

The Proxy Distribution Table includes entries that show the character strings on which to proxy, the

AAA servers to proxy to, whether to strip the character string, and where to send the accounting

information (Local/Remote,Remote, or Local). For more information about the proxy feature, see Proxy

in Distributed Systems, page 3-3.

The entries that you define and place in the Proxy Distribution Table are treated one at a time for each

authentication request that ACS receivesfrom the AAA client. The authentication request is defined in

the Proxy Distribution Tableaccording to the forwarding destination. If a match to an entry in the Proxy

DistributionTable that contains proxy information is found, ACS forwards the request to the appropriate

AAA server.

The Character String column in the Proxy Distribution Tablealways contains an entry of (Default). The

(Default) entry matches authentication requests that are receivedby the local ACS that do not match any

other definedcharacter strings. While you cannot change the character string definition for the (Default)

entry, you can change the distribution of authentication requests matching the (Default) entry. At

installation, the AAA server associated with the (Default) entry is the local ACS.You might sometimes

find it easier to define strings that match authentication requests to be processed locally rather than

definingstrings that match authentication requests to be processed remotely. In such a case, associating

the (Default) entry with a remote AAA server permits you to configure your Proxy Distribution Table

with the more easily written entries.

Adding a New Proxy Distribution Table Entry

To create a Proxy Distribution Table entry:

Step 1 In the navigation bar, click Network Configuration.

The Network Configuration page opens.

Step 2 Under the Proxy Distribution Table, clickAdd Entry.

Note If the Proxy Distribution Table does not appear, chooseInterface Configuration > Advanced

Options. Then, select the Distributed System Settings check box.

Step 3 In the Character String box, type the string of characters, including the delimiter to forward on when

users dial in to be authenticated. For example, .uk.

Note Angle brackets (<>) cannot be used.

Step 4 From the Position list, select Prefixif the character string that you typed appears at the beginning of the

username or Suffix if the character string appears at the end of the username.