Chapter 4 Setting Up and Managing Network Configuration
AAA Client Configuration
4-12
User Guide for Cisco Secure ACS for Windows Server
78-14696-01, Version 3.1
The Add AAA Client and AAA Client Setup pages include the following options:
•
AAA Client Hostname—The name you assign to the AAA client
configuration. Each AAA client configuration can represent multiple network
devices; thus, the AAA client hostname configured in Cisco Secure ACS is
not required to match the hostname configured on a network device. We
recommend that you adopt a descriptive, consistent naming convention for
AAA client hostnames. Maximum length for a AAA client hostname is 32
characters.
Note
After you submit the AAA client hostname, you cannot change it. If you
want to use a different name for a AAA client, delete the AAA client
configuration and create a AAA client configuration using the new name.
•
AAA Client IP Address—At a minimum, a single IP address of a AAA
client. If you want a AAA client configuration in Cisco Secure ACS to
represent multiple network devices, you can specify multiple IP addresses.
Separate each IP address by pressing Enter.
In each IP address you specify, you have three options for each octet in the
address, as follows:
–
Number—You can specify a number, for example, 10.3.157.98.
–
Numeric Range—You can specify the low and high numbers of the
range in the octet, separated by a hyphen, for example, 10.3.157.10-50.
–
Wildcard—You can use an asterisk (*) to match all numbers in that
octet, for example, 10.3.157.*.
Cisco Secure ACS allows any octet or octets in the IP Address box to be a
number, a numeric range, or an asterisk, for example 172.16-31.*.*.
•
Key—The shared secret of the AAA client. Maximum length for a AAA
client key is 32 characters.
For correct operation, the key must be identical on the AAA client and
Cisco Secure ACS. Keys are case sensitive. Because shared secrets are not
synchronized, it is easy to make mistakes when entering them on network
devices and Cisco Secure ACS. If the shared secret does not match,
Cisco Secure ACS discards all packets from the network device.