Chapter 4 Setting Up and Managing Network Configuration
AAA Server Configuration
4-22
User Guide for Cisco Secure ACS for Windows Server
78-14696-01, Version 3.1
•
Key—The shared secret of the AAA server. Maximum length for a AAA
server key is 32 characters.
For correct operation, the key must be identical on the remote AAA server
and Cisco Secure ACS. Keys are case sensitive. Because shared secrets are
not synchronized, it is easy to make mistakes when entering them upon
remote AAA servers and Cisco Secure ACS. If the shared secret does not
match, Cisco Secure ACS discards all packets from the remote AAA server.
•
Network Device Group—The name of the NDG to which this AAA server
should belong. To make the AAA server independent of NDGs, use the Not
Assigned selection.
Note
This option does not appear if you have not configured Cisco Secure ACS
to use NDGs. To enable NDGs, click Interface Configuration, click
Advanced Options, and then select the Network Device Groups check
box.
•
Log Update/Watchdog Packets from this remote AAA Server—Enables
logging of update, or watchdog, packets from AAA clients that are forwarded
by the remote AAA server to this Cisco Secure ACS. Watchdog packets are
interim packets sent periodically during a session. They provide you with an
approximate session length if a AAA client fails and, therefore, no stop
packet is received to mark the end of the session.
•
AAA Server Type—
–
RADIUS—Select this option if the remote AAA server is configured
using any type of RADIUS protocol.
–
—Select this option if the remote AAA server is configured
using the protocol.
–
Cisco Secure ACS—Select this option if the remote AAA server is
another Cisco Secure ACS. This enables you to configure features that
are only available with other Cisco Secure ACS servers, such as
CiscoSecure user database replication and remote logging.
Note
The remote Cisco Secure ACS must be using version 2.1 or later.