Chapter 3 Network Configuration

Network Device Searches

Sending the accounting information to the remote AAA server also enables you to use the Max Sessions feature. The Max Sessions feature uses the Start and Stop records in the accounting packet. If the remote AAA server is an ACS and the Max Sessions feature is implemented, you can track the number of sessions that are allowed for each user or group.

You can also choose to have Voice-over-IP (VoIP) accounting information logged remotely, appended to the RADIUS Accounting log, entered in a separate VoIP Accounting log, or both.

Other Features Enabled by System Distribution

Beyond basic proxy and fallback features, configuring an ACS to interact with distributed systems enables several other features that are beyond the scope of this chapter. These features include:

Replication—For more information, see ACS Internal Database Replication, page 8-1.

RDBMS synchronization—For more information, see RDBMS Synchronization, page 8-17.

Remote and centralized logging—For more information, see Remote Logging for ACS for

 

Windows, page 10-9, and Remote Logging for ACS SE with ACS Remote Agents, page 10-10.

Network Device Searches

You can search for any network device that is configured in the Network Configuration section of the ACS web interface.

This section contains the following topics:

Network Device Search Criteria, page 3-6

Searching for Network Devices, page 3-7

Network Device Search Criteria

You can specify search criteria for network device searches. ACS provides the following search criteria:

Name—The name assigned to the network device in ACS. You can use an asterisk (*) as a wildcard character. For example, if you wanted to find all devices with names starting with the letter M, you would enter M* or m*. Name-based searches are case insensitive. If you do not want to search based on device name, you can leave the Name box blank or you can put only an asterisk (*) in the Name box.

IP Address—The IP address specified for the network device in ACS. For each octet in the address, you have three options:

Number—You can specify a number, for example, 10.3.157.98.

Numeric Range—You can specify the low and high numbers of the range in the octet, separated by a hyphen (-), for example, 10.3.157.10-50.

Wildcard—You can use an asterisk (*) to match all numbers in that octet, for example, 10.3.157.*.

ACS allows any octet or octets in the IP Address box to be a number, a numeric range, or an asterisk (*), for example 172.16-31.*.*.

User Guide for Cisco Secure Access Control Server

3-6

OL-9971-01

 

 

Page 6
Image 6
Cisco Systems OL-9971-01 manual Network Device Searches, Other Features Enabled by System Distribution