Cisco Systems Servers Uniform Resource Locator for the HTML Interface, Network Environments and Remote Administrative Sessions

Chapter1 Overview of Cisco Secure ACS

CiscoSecure ACS HTML Interface

1-24

Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide

78-13751-01, Version 3.0

Uniform Resource Locator for the HTML Interface

The HTML interface is available by web browser at one of the following uniform

resource locators (URLs):

•http://Windows server IP address:2002

•http://Windows server host name:2002

From the server on which Cisco Secure ACS is installed, you can also use the

following URLs:

•http://localhost:2002

•http://127.0.0.1:2002

Network Environments and Remote Administrative Sessions

We recommend that remote administrative sessions take place without the use of

an HTTP proxy server, without a firewall between the remote browser and the

Cisco Secure ACS server, and without a NAT gateway between the remote

browser and the Cisco Secure ACS server. Because these limitations are not

always practical, we included the following topics regarding these remote

administration scenarios.

Cisco Secure ACS does not support HTTP proxy for remote administrative

sessions. If the browser used for a remote administrative session is configured to

use a proxy server, Cisco Secure ACS sees the administrative session originating

from the IP address of the proxy server rather than the actual address of the remote

workstation. Remote administrative session tracking assumes each browser

resides on a workstation with a unique IP.

Also, IP filtering of proxied administrative sessions has to be based on the IP

address of the proxy server rather than the IP address of the workstation. This

conflicts with administrative session communication that does use the actual IP

address of the workstation. For more information about IP filtering of remote

administrative sessions, see the “Access Policy” section on page 10-10.