Guest

Cisco Secure Access Control Server for Windows

Recommended Resources for the Cisco Secure ACS User

 Feedback

Table Of Contents

Recommended Resources for the Cisco Secure ACS User

Part One:
Cisco Secure Access Control Server Topics

Cisco Secure Access Control Server—General Resources

Cisco Secure ACS for Windows Server—Version 3.2 Specific

Cisco Secure ACS Solution Engine —Version 3.2 Specific

Cisco Secure Access Control Server—Version 3.1 Specific

Cisco Secure Access Control Server—Version 3.0 Specific

Cisco Secure Access Control Server—Version 2.6 Specific

Part Two: Related Topics

ACL (Access Control List)

Authentication, Authorization, and Accounting (AAA)

Bugs

Catalyst Switch

Certification

Cisco Aironet Access Point Software

Cisco IOS

CiscoWorks

Configuration

Databases

EAP-TLS

IPSEC

LDAP

ODBC

PIX

PPP

Privileges

RADIUS (Remote Authentication Dial-In User Service)

RFCs

Secure Shell

Security

TACACS+

Virtual Private Networks (VPNs)

Cisco VPN 3000 Concentrator

Cisco VPN 5000 Concentrator

Wireless LAN


Recommended Resources for the Cisco Secure ACS User


This document presents links to a variety of documents that should help users of Cisco Secure Access Control Server. The information is presented in two parts. Part One presents topic links to documentation central to Cisco Secure ACS and arranged by product versions. Part Two presents links to selected topics that may aid the Cisco Secure ACS user.

You should be aware that the Cisco Secure Access Control Server nomenclature has evolved over a period of years.

Cisco Secure Access Control Server for Windows Server—The software version of Cisco Secure ACS releases 3.1 and 3.2.

Cisco Secure Access Control Server Solution Engine—The appliance version of the product; Cisco Secure Access Control Server Solution Engine 3.2 is the first hardware-based release of Cisco Secure ACS.

Cisco Secure ACS for Windows 2000/NT Servers—The software version of Cisco Secure ACS releases 2.5, 2.6, and 3.0.

CiscoSecure ACS for Windows NT Server—The software version of Cisco Secure ACS releases 2.1 through 2.4.

Abbreviations— CSNT, CSACS, and ACS have been used interchangeably in the literature to refer to any version of the Cisco Secure Access Control Server software.

This document includes links to the following topics:

Part One: Cisco Secure Access Control Server Topics

Cisco Secure Access Control Server—General Resources

Cisco Secure ACS for Windows Server—Version 3.2 Specific

Cisco Secure ACS Solution Engine —Version 3.2 Specific

Cisco Secure Access Control Server—Version 3.1 Specific

Cisco Secure Access Control Server—Version 3.0 Specific

Cisco Secure Access Control Server—Version 2.6 Specific

Part Two: Related Topics

ACL (Access Control List)

Authentication, Authorization, and Accounting (AAA)

Bugs

Catalyst Switch

Certification

Cisco Aironet Access Point Software

Cisco IOS

CiscoWorks

Configuration

Databases

EAP-TLS

EAP-TLS

IPSEC

LDAP

ODBC

PIX

PPP

Privileges

RADIUS (Remote Authentication Dial-In User Service)

RFCs

RFCs

Secure Shell

Security

TACACS+

Virtual Private Networks (VPNs)

Cisco VPN 3000 Concentrator

Cisco VPN 5000 Concentrator

Wireless LAN

Part One:
Cisco Secure Access Control Server Topics

Cisco Secure Access Control Server—General Resources

Cisco Secure Access Control Server for Windows—Products & Services Page

Presents the description of, and an index of major links for, Cisco Secure ACS for Windows.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/index.html


Cisco Secure Access Control Server Solution Engine—Products & Services

Presents the description of, and index of major links for, Cisco Secure ACS Solution Engine (Appliance).

http://www.cisco.com/en/US/products/sw/secursw/ps5338/index.html


Cisco Secure ACS for Windows—CCO Documentation Page

Links to major Cisco Secure ACS for Windows user documents, organized by version.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/
csacs4nt/index.htm


Cisco Secure ACS Solution Engine—CCO Documentation Page

Links to major Cisco Secure ACS user documents, organized by version.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/
csacsapp/index.htm


Cisco Secure ACS for Windows—Troubleshooting Tech Notes

List of links for Cisco Secure ACS technical issue links.

http://www.cisco.com/en/US/products/sw/secursw/
ps2086/prod_tech_notes_list.html


Cisco Secure ACS for Windows—Technical Support

Introduction page for Cisco Secure ACS for Windows that presents a comprehensive list of technical support resource links.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/tsd_products_support_series_home.html


Cisco Secure ACS for Windows Frequently Asked Questions—FAQ

Provides answers to common questions regarding Cisco Secure ACS.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_
qanda_item09186a0080094bac.shtml


Cisco's Integrated Security Management Solution—Multimedia Presentation

An overview presentation that shows how CiscoWorks and Cisco Secure management products integrate and deliver a robust and centralized approach to security management.

http://tools.cisco.com/cmn/jsp/index.jsp?id=21475


CiscoSecure ACS for Windows Compatibility—Tech Note

Presents the software and hardware with which Cisco Secure ACS for Windows is compatible.

http://www.cisco.com/en/US/products/sw/secursw/
ps2086/products_tech_note09186a008009462a.shtml


Guidelines for Placing ACS in the Network—White Paper

Discusses planning, design, and implementation practices for deploying Cisco Secure ACS for Windows NT/2000 in an enterprise network. Paper is based on Cisco Secure ACS versions 2.6 and 3.0, but has relevancy to more recent versions.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_white_paper09186a0080092567.shtml


Obtaining the CiscoSecure ACS for Windows Version and AAA Debug Information—Tech Note

How to view the CiscoSecure ACS for Windows version and how to set up and obtain authentication, authorization, and accounting (AAA) debug information (based on version 2.6).

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_tech_note09186a00800afec1.shtml


Cisco Secure ACS for Windows Server—Version 3.2 Specific

Cisco Secure Access Control Server for Windows—Products & Services

Presents the description of, and an index of major links for, Cisco Secure ACS Version 3.2 for Windows.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/index.html


Cisco Secure ACS 3.2 for Windows Server—Documentation Page

Presents links to the major user documents for Cisco Secure ACS 3.2 for Windows Server.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/
csacs4nt/acs32/index.htm


User Guide for Cisco Secure ACS for Windows Server Version 3.2

The 700+ page Cisco Secure ACS for Windows Version 3.2 user guide, in HTML format with links to the PDF version by chapter.

http://www.cisco.com/univercd/cc/td/doc/product/access/
acs_soft/csacs4nt/acs32/user/index.htm


Installation Guide for Cisco Secure ACS for Windows Server Version 3.2

The Cisco Secure ACS for Windows Version 3.2 installation guide, in HTML format with a link to the PDF version.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
prod_installation_guide09186a0080184928.html


Release Notes for Cisco Secure ACS for Windows Server Version 3.2

Important issues and caveats regarding Cisco Secure ACS for Windows Version 3.2.

http://www.cisco.com/en/US/products/sw/secursw/
ps2086/prod_release_note09186a008018492b.html


Supported and Interoperable Devices and Software Tables for Cisco Secure ACS for Windows Server Version 3.2

Lists devices and software programs that are interoperable with Cisco Secure ACS for Windows Version 3.2.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_device_support_table09186a00801f69a0.html


Installation and User Guide for Cisco Secure ACS Version 3.2 User-Changeable Passwords

Contains instructions for installing and using Cisco Secure ACS User-Changeable Passwords.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
prod_installation_guide09186a008018492d.html


Cisco Secure ACS Solution Engine —Version 3.2 Specific

Note that the two terms Solution Engine and Appliance have been used interchangeably to denote the hardware version of Cisco Secure ACS.
Solution Engine reflects the more current terminology.

Cisco Secure Access Control Server Solution Engine—Products & Services

Presents the description of, and index of major links for, Cisco Secure ACS Solution Engine (Appliance) Version 3.2.

http://www.cisco.com/en/US/products/sw/secursw/ps5338/index.html


Data Sheet: Cisco Secure Access Control Server Solution Engine

The Cisco Secure ACS Solution Engine data sheet includes benefits and requirements of the appliance version of Cisco Secure ACS.

http://www.cisco.com/en/US/products/sw/secursw/
ps5338/products_data_sheet09186a008018ea8d.html


Cisco Secure Access Control Server Solution Engine Q&A

An overview in question and answer format for the Cisco Secure ACS Solution Engine.

http://www.cisco.com/en/US/products/sw/secursw/
ps5338/products_qanda_item09186a008018e94a.shtml


Cisco Secure ACS Appliance—Documentation Page

Presents links to the major user documents for the Cisco Secure ACS Solution Engine Version 3.2.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/
csacsapp/index.htm


User Guide for Cisco Secure ACS Appliance

The 700+ page Cisco Secure ACS Appliance Version 3.2 user guide, in HTML format with links to the PDF version by chapter.

http://www.cisco.com/en/US/products/sw/secursw/ps5338/
products_user_guide_book09186a0080204be1.html

Installation and Setup Guide for Cisco Secure ACS Appliance

The Cisco Secure ACS Appliance Version 3.2 installation and setup guide, in HTML format with a link to the PDF version. Includes the CLI command reference.

http://www.cisco.com/en/US/products/sw/secursw/ps5338/products_installation_guide_book09186a0080204bbd.html


Release Notes for Cisco Secure ACS Appliance Version 3.2

Important issues and caveats regarding Cisco Secure ACS Appliance 3.2.

http://www.cisco.com/en/US/products/sw/secursw/ps5338/
prod_release_note09186a0080193af4.html


Supported and Interoperable Devices and Software Tables for Cisco Secure ACS Appliance version 3.2

Lists devices and software programs that are interoperable with Cisco Secure ACS Appliance Version 3.2

http://www.cisco.com/en/US/products/sw/secursw/ps5338/products_device_support_table09186a00801f69a6.html


Installation and Configuration Guide for Cisco Secure ACS Remote Agents

Contains instructions for installing and using Cisco Secure ACS Remote Agents.

http://www.cisco.com/en/US/products/sw/secursw/ps5338/products_installation_and_configuration_guide_book09186a0080204bc6.html


Installation and User Guide for Cisco Secure ACS Version 3.2 User-Changeable Passwords

Contains instructions for installing and using Cisco Secure ACS User-Changeable Passwords.

http://www.cisco.com/en/US/products/sw/secursw/ps5338/prod_installation_guide09186a00801c2e18.html


Cisco Secure Access Control Server—Version 3.1 Specific

Cisco Secure ACS 3.1 for Windows Server—Documentation Page

Presents links to the major user documents for Cisco Secure ACS 3.1 for Windows Server.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/
csacs4nt/acs31/index.htm


User Guide for Cisco Secure ACS Windows Server 3.1

The 600+ page Cisco Secure ACS user guide, in HTML or PDF format.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_user_guide_book09186a0080102166.html


Installation Guide for Cisco Secure ACS for Windows Server 3.1

The comprehensive installation guide, in HTML or PDF format.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_installation_guide_chapter09186a00800e6eae.html


Release Notes for Cisco Secure Access Control Server for Windows Server Version 3.1

The release notes for Cisco Secure ACS for Windows Server Version 3.1.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
prod_release_note09186a00800e6edc.html


Installation and User Guide for Cisco Secure ACS 3.1 User-Changeable Passwords

UCP installation and user guide.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
prod_installation_guide09186a00800e6edf.html


Cisco Secure Access Control Server—Version 3.0 Specific

Cisco Secure ACS 3.0 for Windows 2000/NT Servers—Documentation Page

Links to Cisco Secure ACS 3.0 user documents, including release notes, installation guides, and user guide.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/
csnt30/index.htm


Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide

The 600+ page Cisco Secure ACS user guide, in HTML or PDF format.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/
csnt30/user/index.htm


Cisco Secure Access Control Server (ACS) V 3.0 —Tutorial PDF Document

The 200-page comprehensive tutorial for Cisco Secure ACS Version 3.0 for Windows. (Note that this pdf document may be slow to load)

http://www.cisco.com/application/pdf/en/us/guest/products/ps2086/
c1161/ccmigration_09186a0080159f3f.pdf


Installing Cisco Secure ACS 3.0 for Windows 2000/NT Servers

The comprehensive installation guide, in HTML or PDF format.

http://www.cisco.com/univercd/cc/td/doc/product/access/
acs_soft/csacs4nt/csnt30/install/install.htm


Release Notes for Cisco Secure Access Control Server for Windows 2000/NT Servers Version 3.0

The release notes for Cisco Secure ACS for Windows 2000/NT Servers Version 3.0.

http://www.cisco.com/univercd/cc/td/doc/product/access/
acs_soft/csacs4nt/csnt30/rn301.htm


Cisco Secure Access Control Server—Version 2.6 Specific

Cisco Secure ACS 2.6 for Windows 2000/NT Servers—Documentation Page

Links to Cisco Secure ACS 2.6 user documents, including release notes, installation guides, and user guide.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/
csnt26/index.htm


Setting Up the User-Changeable Password Utility in Cisco Secure ACS for Windows

Examples of setting up Cisco Secure ACS for Windows 2.6 User-Changeable Password (UCP) utility with Internet Information Server (IIS) on Microsoft Windows 2000 and Microsoft Windows NT.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_configuration_example09186a0080094e7b.shtml


Configuring CiscoSecure ACS for Windows Router PPTP Authentication

Configuration guide for Point-to-Point Tunnel Protocol for Cisco Secure ACS for Windows 2.6.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_configuration_example09186a008009436a.shtml


Part Two: Related Topics

ACL (Access Control List)

Access Control Lists: Overview and Guidelines

An overview of using access control lists in a network.

http://www.cisco.com/en/US/customer/products/sw/iosswrel/
ps1835/products_configuration_guide_chapter09186a00800ca7c0.html


How to Apply Access Lists to Dial Interfaces with a RADIUS Server

Paper demonstrates how to apply access lists to dial interfaces with a RADIUS server.

http://www.cisco.com/en/US/tech/tk59/
technologies_tech_note09186a0080094032.shtml


Authentication, Authorization, and Accounting (AAA)

Authentication, Authorization, and Accounting (AAA) —Documentation Page

A collection of AAA document links.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/newsecf/
techsec/secaaa/index.htm


Bugs

Bug Toolkit

Go to this URL, log in, and then select Cisco Secure ACS for Windows.

http://www.cisco.com/pcgi-bin/Support/Bugtool/home.pl


Catalyst Switch

Guidelines for the Deployment of Cisco Secure ACS for Windows NT/2000 Servers in a Cisco Catalyst Switch Environment

Planning, design, and implementation practices for deploying Cisco Secure ACS for Windows NT/2000 servers in support of Cisco Catalyst® Switch networks

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_white_paper09186a0080088890.shtml


Certification

Configuring Certification Authority Interoperability

A guide to configuring certification authority interoperability. Part of the Cisco IOS Release 12.2 Security Configuration Guide

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/
products_configuration_guide_chapter09186a00800ca7b2.html


Cisco Aironet Access Point Software

See also: and Wireless LAN.

Deploying Cisco Secure ACS for Windows in a Cisco Aironet Environment—White Paper

A white paper on deploying Cisco Secure ACS version 3.1 with Cisco Aironet Access Point.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_white_paper09186a00801495a1.shtml


Cisco Aironet Access Point Software Configuration Guide for Vx Works

Describes how to use the web-based management system to configure a Cisco Aironet Access Point.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_white_paper09186a00801495a1.shtml


Cisco Proxy Mobile IP Configuration Note—Application Note

Configuration note details Proxy Mobile IP (PMIP) configuration example on an AP1200, using a Cisco Secure ACS to retrieve security associations (SA) for a mobile device.

http://www.cisco.com/en/US/customer/tech/tk827/tk369/
technologies_white_paper09186a0080187798.shtml


Cisco IOS

ABCs of IOS Networking the Enterprise

An extensive overview of the Cisco IOS software.

http://www.cisco.com/en/US/products/sw/iosswrel/
ios_abcs_ios_networking_the_enterprise_listing.html


Cisco IOS Security Configuration Guide, Release 12.3

The "virtual configuration guide" which includes an extensive section on Authentication, Authorization, and Accounting (AAA).

http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/
prod_configuration_guide09186a008017d583.html


Debug Command Reference: Cisco IOS Release 12.3

Provides information about using debug commands to troubleshoot Cisco network servers.

http://www.cisco.com/en/US/partner/products/sw/iosswrel/ps5187/
products_command_reference_book09186a008017cf4d.html


CiscoWorks

CiscoWorks Management Center for Firewalls—Products and Services

Introduction page for CiscoWorks Management Center for Firewalls links.

http://www.cisco.com/en/US/products/sw/cscowork/
/ps3992/index.html


CiscoWorks VPN/Security Management Solution (VMS)—Products and Services

Introduction page for CiscoWorks VPN/Security Management Solution (VMS) links.

http://www.cisco.com/en/US/products/sw/cscowork/
ps2330/index.html


Initializing Management Center Authorization on Cisco Secure ACS v.3.1—Application Note

Guidance on how to use a Cisco Secure ACS (version 3.1 or greater) for authentication and authorization of a device running CiscoWorks Common Services Software.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_white_paper09186a0080115464.shtml


Configuration

Configuration Examples Cisco Secure ACS for Windows—Index Page

Index page for an extensive set of links for Cisco Secure ACS for Windows configuration examples.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
prod_configuration_examples_list.html


Configuring LDAP for the Cisco Secure Access Control Server—White Paper

Outlines deployment concepts for Cisco Secure ACS when authenticating users of a Lightweight Directory Access Protocol (LDAP) directory server, and describes using these concepts to configure the Cisco Secure ACS.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_white_paper09186a0080092566.shtml


Setting Up the User-Changeable Password Utility in Cisco Secure ACS for Windows

Provides examples of setting up the Cisco Secure ACS for Windows 2.6 (ACS) User-Changeable Password (UCP) utility with Internet Information Server (IIS) on Microsoft Windows 2000 and Microsoft Windows NT.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_configuration_example09186a0080094e7b.shtml


Configuring IKE Pre-Shared Keys Using a RADIUS Server for the Cisco Secure VPN Client

Describes how to configure IKE shared secret using a RADIUS server. The IKE shared secret feature that uses an authentication, authorization, and accounting (AAA) server enables key lookup from the AAA server. The information is based on using Cisco Secure ACS version 2.6.

http://www.cisco.com/en/US/tech/tk59/
technologies_configuration_example09186a0080094ce2.shtml


Point-To-Point Protocol Configuration Examples—Index Page

Index page of links on PPP.

http://www.cisco.com/en/US/tech/tk713/tk507/
tech_configuration_examples_list.html


Databases

User Databases—Portion of User Guide

Details the operation and employment of the CiscoSecure user database.

http://www.cisco.com/univercd/cc/td/doc/product/access/
acs_soft/csacs4nt/acs32/user/d.htm#41876


CSUtil Database Utility—Portion of User Guide

Details the CiscoSecure ACS command-line utility, CSUtil.exe.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_user_guide_chapter09186a008007cd57.html


EAP-TLS

See also: Certification.

Extensible Authentication Protocol Transport Layer Security Deployment Guide for Wireless LAN Networks—White Paper

Describes EAP-TLS authentication protocol deployment in wireless networks.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_white_paper09186a008009256b.shtml


IPSEC

Configuring IPSec Between Hub and Remote PIXes with VPN Client and Extended Authentication

Illustrates an IPSec configuration that includes both gateway-to-gateway and remote user functionality The information is based on using Cisco Secure ACS version 2.6.

http://www.cisco.com/en/US/tech/tk583/tk372/
technologies_configuration_example09186a0080094cea.shtml


IPSec Network Security

A comprehensive guide to IPSec network security.

http://www.cisco.com/en/US/products/sw/iosswrel/ps1826/
products_feature_guide09186a0080080f59.html#xtocid2


LDAP

Configuring LDAP for the Cisco Secure Access Control Server—White Paper

Outlines deployment concepts for Cisco Secure ACS when authenticating users of a Lightweight Directory Access Protocol (LDAP) directory server, and describes using these concepts to configure the Cisco Secure ACS.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_white_paper09186a0080092566.shtml

Network Access Restrictions—White Paper

Details the employment of NARs in Cisco Secure ACS.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_white_paper09186a00801a8fd0.shtml


ODBC

Cisco Secure Access Control Server Version 2.6 External ODBC Authentication—
White Paper

Presents concepts and configuration issues in deploying Cisco Secure ACS for Windows 2000 and NT servers to authenticate users against an external open database connectivity (ODBC) database.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_white_paper09186a0080092565.shtml


PIX

Cisco Secure PIX Firewall Series—Product Page

Starting point for Technical Assistance Center's comprehensive PIX 500 Series Firewall links.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/
tsd_products_support_series_home.html


Authentication and Authorization for PIX 6.2

Technical note that provides an example of setting up PIX command authorization.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/
products_tech_note09186a00800949d6.shtml


Cisco PIX Firewall—Documentation Page

Links to PIX Firewall documents organized by version.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/


Cisco Secure PIX Firewall Command References

Links to PIX Firewall software command references.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/
products_tech_note09186a0080094885.shtml


PPP

Point-to-Point Protocol (PPP)—TAC

Starting point for Technical Assistance Center's comprehensive Point-to-Point Protocol links.

http://www.cisco.com/en/US/tech/tk713/tk507/tsd_technology_support_protocol_home.html


Point-To-Point Protocol Configuration Examples

Index page of links on PPP.

http://www.cisco.com/en/US/tech/tk713/tk507/
tech_configuration_examples_list.html


Privileges

Configuring Passwords and Privileges

Section from the Cisco IOS Release 12.0 Security Configuration Guide on configuring passwords and privileges.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/
secur_c/scprt5/scpass.htm


How to Assign Privilege Levels with TACACS+ and RADIUS

Explains how to change the privilege level for certain commands, and provides an example with parts of sample configurations for a router and TACACS+ and RADIUS servers.

http://www.cisco.com/warp/public/480/PRIV.html


RADIUS (Remote Authentication Dial-In User Service)

RADIUS—TAC

Starting point for Technical Assistance Center's comprehensive RADIUS links.

http://www.cisco.com/en/US/tech/tk583/tk547/tsd_technology_support_sub-protocol_home.html


Configuring RADIUS

Portion of the Cisco IOS Software Release 12.2 that describes the RADIUS security system, defines its operation, and identifies appropriate and inappropriate network environments for using RADIUS technology.

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/
products_configuration_guide_chapter09186a00800ca7ab.html#1000872


RADIUS Tunnel Attributes—Documentation Page

Comprehensive guide to RADIUS tunnel attributes.

http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/
products_feature_guide09186a00800879eb.html


Configuring Basic AAA RADIUS for Dialin Clients Sample Configuration

Describes a sample configuration that uses an access server to accept incoming Analog and ISDN connections, and uses a AAA RADIUS server to authenticate them.

http://www.cisco.com/warp/public/793/access_dial/basicradius.shtml


Configuring PPP Callback with RADIUS

Sample configuration paper that shows examples of configuring the router and server to do Point-to-Point Protocol (PPP) callback with RADIUS.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_configuration_example09186a0080093dc9.shtml


Configuring Layer 2 Tunnel Protocol Authentication with RADIUS

Provides a sample configuration for Layer 2 Tunnel Protocol (L2TP) Authentication with RADIUS.

http://www.cisco.com/en/US/products/sw/secursw/ps4911/
products_configuration_example09186a00801175d1.shtml


RFCs

Access Control Requirements for LDAP—RFC 2820

Internet Engineering Task Force RFC document on access control requirements for LDAP, dated May 2000.

http://www.ietf.org/rfc/rfc2820.txt?number=2820


An Access Control Protocol, Sometimes Called TACACS—RFC 1492

Internet Engineering Task Force RFC document on TACACS, dated July 1993.

http://www.ietf.org/rfc/rfc1492.txt?number=1492


Internet Security Glossary—RFC 2828

Internet Engineering Task Force RFC glossary document on Internet security, dated May 2000.

http://www.ietf.org/rfc/rfc2828.txt?number=2828


PPP (Point to Point Protocol)—RFC 1661

Internet Engineering Task Force RFC document on PPP, dated July 1994.

http://www.ietf.org/rfc/rfc1661.txt


RADIUS Accounting—RFC 2866

Internet Engineering Task Force RFC document on RADIUS, dated June 2000.

http://www.ietf.org/rfc/rfc2867.txt?number=2867


RADIUS Accounting Modifications for Tunnel Protocol Support)—RFC 2867

Internet Engineering Task Force RFC document on RADIUS accounting modifications for tunnel protocol support, dated June 2000.

http://www.ietf.org/rfc/rfc2867.txt?number=2867


Secure Shell

Secure Shell (SSH)—TAC

Starting point for Technical Assistance Center's comprehensive Secure Shell (SSH) links.

http://www.cisco.com/en/US/tech/tk583/tk617/
tsd_technology_support_protocol_home.html


The Secure Shell Frequently Asked Questions

FAQ page for Secure Shell.

http://www.employees.org/~satch/ssh/faq/ssh-faq.html


Security

Security Overview—Portion of Security Configuration Guide

Section from the Cisco IOS Release 12.0 Security Configuration Guide that describes how to configure Cisco IOS security features for your Cisco networking devices.

http://www.cisco.com/univercd/cc/td/doc/product/software/
ios120/12cgcr/secur_c/scoverv.htm


Securing Cisco Secure Access Control Server Running on Microsoft Windows Platforms—White Paper

Describes how the Cisco Secure ACS can be protected against the vulnerabilities of the Windows NT and Windows 2000 operating systems and explains how to improve security on the server host.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_white_paper09186a00800887d8.shtml


IPSec Network Security

A comprehensive guide to IPSec network security.

http://www.cisco.com/en/US/products/sw/iosswrel/ps1826/
products_feature_guide09186a0080080f59.html#xtocid2


Hardening Security and Improving Productivity with Cisco Secure Access Control Server and CiscoWorks VPN/Security Management Solution—Case Study

Case study that describes the implementation of Cisco Secure ACS at Mountain America Credit Union.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_case_study09186a008014d400.shtml


TACACS+

TACACS+—TAC

Starting point for Technical Assistance Center's comprehensive TACACS+ links, including information on troubleshooting, configuration, and specifications.

http://www.cisco.com/en/US/tech/tk583/tk642/
tsd_technology_support_sub-protocol_home.html


Building a Scalable Network Device Management Framework with the Cisco Secure ACS TACACS+ (RBAC) Server

Information on how to use shell authorization command sets to build scalable network device management system based on Cisco Secure ACS 3.0.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_white_paper09186a0080088893.shtml


An Access Control Protocol, Sometimes Called TACACS—RFC 1492

Internet Engineering Task Force RFC document on TACACS, dated July 1993.

http://www.ietf.org/rfc/rfc1492.txt?number=1492


How to Apply Access Lists to Dial Interfaces with a TACACS+ Server

Demonstrates two ways to apply access lists to dial interfaces with a TACACS+ server.

http://www.cisco.com/en/US/tech/tk59/
technologies_configuration_example09186a0080094656.shtml


Configuring PPP Callback with TACACS+

Sample configuration paper that shows examples of configuring the router and AAA server to do PPP callback with TACACS+.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_configuration_example09186a008009404f.shtml


CiscoSecure NT: Configuring Large Scale Dialout Using TACACS+—Sample Configuration

See also: How to Assign Privilege Levels with TACACS+ and RADIUS.

Describes how to set up a local router to download static routes and dialer information from CiscoSecure NT, so that when traffic hits the local router and is

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_configuration_example09186a00800945ee.shtml


Virtual Private Networks (VPNs)

How Virtual Private Networks Work—Tech Note

Covers the fundamentals of VPNs, such as basic VPN components, technologies, tunneling, and VPN security.

http://www.cisco.com/en/US/tech/tk583/tk372/
technologies_tech_note09186a0080094865.shtml


Cisco VPN 3000 Concentrator

How to Configure the VPN 3000 Concentrator PPTP with Cisco Secure ACS for Windows RADIUS Authentication

How to configure the Cisco VPN 3000 Series Concentrators using the PPTP tunneling method with Cisco Secure ACS.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/
products_configuration_example09186a0080094a03.shtml


Locking Users into a VPN 3000 Concentrator Group Using a RADIUS Server

The VPN 3000 Concentrator has the ability to lock users into a Concentrator group which will override the group the user has configured in the VPN 3000 client. In this way, access restrictions can be applied to various groups configured on the Concentrator with the assurance that the users are locked into that group with the RADIUS server. This document details how to set up this feature on Cisco Secure ACS.

http://www.cisco.com/en/US/tech/tk59/
technologies_configuration_example09186a00800946a2.shtml


Cisco VPN 3000 Concentrator—Documentation Page

VPN 3000 Concentrator document links, organized by version.

http://www.cisco.com/univercd/cc/td/doc/product/vpn/vpn3000/index.htm


Cisco VPN 3000 Concentrator Frequently Asked Questions

FAQ page for VPN 3000 Concentrator.

http://www.cisco.com/warp/public/471/vpn_3000_faq.shtml


Cisco VPN 3000 Concentrator Vendor Specific Attributes: User & Group Attributes—Tech Note

A table of vendor-specific attributes for the Cisco VPN 3000 Concentrator.

http://www.cisco.com/warp/public/471/VSAs_rev22.html


Configuring the Cisco VPN 3000 Concentrator for Blocking with Filters and RADIUS Filter Assignment

How to use filters to allow a user to access only one server inside the network and block access to all other resources using the Cisco VPN 3000 Concentrator.

http://www.cisco.com/en/US/tech/tk59/
technologies_configuration_example09186a0080094eac.shtml


Configuring the Cisco VPN 3000 Series Concentrators to Support the NT Password Expiration Feature Using the RADIUS Server

Step-by-step instructions on how to configure the Cisco VPN 3000 Series Concentrators to support the NT Password Expiration feature using the RADIUS server.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/
products_configuration_example09186a00800946b9.shtml


Using Cisco Secure ACS for Windows with the VPN 3000 Concentrator - IPSec

Recommends the easiest configuration for Cisco Secure ACS for Windows to authenticate users connecting to a VPN 3000 Concentrator.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/
products_tech_note09186a00800a3b88.shtml


Cisco VPN 5000 Concentrator

http://www.cisco.com/en/US/products/hw/vpndevc/ps2301/tsd_products_support_eol_series_home.html


Wireless LAN

See also: EAP-TLS and Cisco Aironet Access Point Software.

WLAN— TAC

See also: Cisco Aironet Access Point Software.

Starting point for Technical Assistance Center's comprehensive wireless LAN links.

http://www.cisco.com/en/US/tech/tk722/tk809/tsd_technology_support_protocol_home.html


Authentication with 802.1x and EAP Across Congested WAN Links

Discusses the requirements and prerequisites for classifying and marking RADIUS packets using the Cisco Modular QoS Command Line (MQC), a methodology to determine the appropriate queue size for the 802.1x/RADIUS packets, and to determine how to enable queuing on router interfaces to provide priority for the RADIUS packets during network congestion.

http://www.cisco.com/en/US/customer/tech/tk722/tk809/
technologies_white_paper09186a00800a9e8e.shtml