10-17
User Guide for Cisco Secure ACS for Windows Server
78-14696-01, Version 3.1
Chapter 10 Setting Up and Managing Administrators and Policy
Session Policy
•
Respond to Invalid IP Address Connections—Enables an error message in
response to attempts to start a remote administrative session using an IP
address that is invalid according to the IP address ranges configured in Access
Policy. Disabling this option can help prevent unauthorized users from
discovering your Cisco Secure ACS server.
•
Lock out Administrator after X successive failed attempts—Enables
Cisco Secure ACS to lock out an administrator after a number of successive
failed attempts to log in to the HTML interface. The number of successive
attempts is specified in the X box. If this check box is selected, the X box
cannot be set to zero. If this check box is not selected, Cisco Secure ACS
allows unlimited successive failed login attempts by an administrator.
Setting Up Session Policy
For information about session policy options, see
Session Policy Options,
page 10-16
.
To setup Cisco Secure ACS Session Policy, follow these steps:
Step 1
In the navigation bar, click Administration Control.
Result: Cisco Secure ACS displays the Administration Control page.
Step 2
Click Session Policy.
Result: The Session Policy Setup page appears.
Step 3
To define the number of minutes of inactivity after which Cisco Secure ACS ends
an administrative session, in the Session idle timeout (minutes) box, type the
number of minutes (up to 4 characters).
Step 4
Set the automatic local login policy:
a.
To allow administrators to log in to Cisco Secure ACS locally without using
their administrator names and passwords, select the Allow Automatic Local
Login check box.
b.
To require administrators to log in to Cisco Secure ACS locally using their
administrator names and passwords, clear the Allow Automatic Local Login
check box.