This chapter describes the tasks that you must perform after completing the ACS installation successfully.
This chapter contains:
•Accessing the Web Interface
To operate ACS, you must install a valid license. ACS prompts you to install a valid base license when you first access the web interface.
Note Each server requires a unique base license in a distributed deployment.
This section contains:
•Types of Licenses
•Auto-Installation of the Evaluation License
Types of Licenses
Table 8-1 shows ACS 5.2 license support:
Table 8-1 ACS License Support
The base license is required for all software instances deployed, as well as for all appliances. The base license enables you to use all the ACS functionality except license controlled features, and it enables standard centralized reporting features.
•Required for each ACS instance, primary and secondary.
•Required for all appliances.
•Supports deployments with up to 500 managed devices.
The following are the types of base license:
•Permanent—This license does not have an expiration date. Supports deployments with up to 500 managed devices.
•Evaluation—Expires 90 days from the time the license is issued. Supports deployments with up to 50 managed devices.
The number of devices is determined by the number of unique IP addresses that you configure. This includes the subnet masks that you configure. For example, a subnet mask of 255.255.255.0 implies 256 unique IP addresses and hence the number of devices is 256.
Add-on licenses can only be installed on an ACS server with permanent base license. Large deployment needs permanent base license to be installed.
Auto-Installation of the Evaluation License
If you are using a virtual machine (VM) for ACS with disk space between 60 GB and 500 GB, ACS automatically installs the evaluation license. However, you can also get the evaluation license and install it manually on the ACS server.
Note If you use an ACS server with less than 500 GB hard disk space, Cisco does not provide support for scalability, performance, and disk space-related issues.
For further details on licensing, see User Guide for the Cisco Secure Access Control System 5.2.
Accessing the Web Interface
The ACS web interface is supported on HTTPS-enabled Microsoft Internet Explorer versions 6 and 7, and Firefox version 3.x.
This section contains:
When you log into the ACS web interface for the first time, you are prompted to install the license file.
To log into the ACS web interface:
Step 1 Enter the ACS URL in your browser.
https://acs_host/acsadmin, where acs_host is the IP address or DNS host name.
The login page appears.
Step 2 In the Username field, enter ACSAdmin, which is the default username. The value is not case-sensitive.
Step 3 In the Password field, enter default, which is the default password. The value is case-sensitive.
Note Click Reset to clear the Username and Password fields and start over, if needed.
Step 4 Click Login or press Enter.
The login page reappears, prompting you to change your password.
Step 5 Enter default in the Old Password field, then enter a new password in the New Password and Confirm Password fields.
If you forget your username or password, use the acs reset-password command to reset your username to ACSAdmin and your password to default. You are prompted to change your password after a reset. See Command Line Reference Guide for ACS 5.2 for more information.
Step 6 Click Login or press Enter.
You are prompted to install a valid license as shown in Figure 8-1.
Figure 8-1 ACS 5.2 License Screen
The license page appears only the first time that you log into ACS.
Step 7 Click Browse and choose a valid, unique base license for the ACS server.
For more information on installing a valid license, see the User Guide for the Cisco Secure Access Control System 5.2.
•If your login is successful, the main page of the ACS web interface appears.
•If your login is unsuccessful, the following error message appears:
Invalid username or password specified.
The Username and Password fields are cleared.
Step 8 Re-enter the valid username and password, and click Login.
To log out of the ACS web interface:
Step 1 Click Logout in the ACS web interface header to end your administrative session.
A dialog box appears, prompting you to confirm whether you want to log out of ACS.
Step 2 Click OK.
You are logged out.
For security reasons, Cisco recommends that you log out of the ACS when you complete your administrative session. If you do not log out, the ACS web interface logs you out after 30 minutes of inactivity, and does not save any unsubmitted configuration data.
For more information on using the Web Interface, see the User Guide for the Cisco Secure Access Control System 5.2.
Use the ACS web interface for initial configuration setup. The ACS web interface allows you to access pages, perform configuration tasks, and view interface configuration errors.
When you finish installing the license file, perform the following ACS configuration setup:
•Configuring system administrators and accounts
•Configuring ACS in a distributed deployment
•Managing system administration configurations:
–Configuring global system options
–Configuring local server certificates
•Configuring data backup
•Configuring collection filters
•Managing ACS logging
•Specifying e-mail settings
•Specifying session settings
•Specifying system alarm settings
•Configuring data purging
•Configuring password policies
For details on each operation and other administrative functions, such as monitoring and report, see the User Guide for the Cisco Secure Access Control System 5.2.
For details on migration and problems with migration, see the Migration Guide for the Cisco Secure Access Control System 5.2.
For up-to-date information on Cisco.com, see the Release Notes for the Cisco Secure Access Control System 5.2.