[an error occurred while processing this directive]

Cisco Secure Access Control Server for Windows

Read Me First: Cisco Secure ACS 2.5 for Windows 2000/NT Server Getting Started


Table of Contents

Read Me First
Cisco Secure ACS 2.5 for Windows 2000/NT Server Getting Started

Read Me First
Cisco Secure ACS 2.5 for Windows 2000/NT Server Getting Started

Product Summary

Cisco Secure Access Control Server for Windows 2000/NT Servers Version 2.5 (Cisco Secure ACS) network security software helps you authenticate users by controlling dial-in access to a network access server (NAS) device—an access server, Cisco PIX Firewall, or router. Cisco Secure ACS operates as a Windows NT service and controls the authentication, authorization, and accounting of users accessing networks.

Cisco Secure ACS operates with Windows NT Server version 4.0 or Windows 2000. As a Windows NT 4.0 Server, Cisco Secure ACS can be a Primary Domain Controller or a Backup Domain Controller. If you are not using Windows NT/2000 user databases to authenticate users, Cisco Secure ACS can be a member server.

Note Unless specifically stated otherwise, all references to NAS in the Cisco Secure ACS documentation apply to any access device.

System Requirements

  • Your Windows 2000/NT server must meet the following minimum requirements:

    • Pentium II processor running at 300 MHz or faster.

    • Either Microsoft Windows 2000 Server, or Microsoft Windows 2000/NT Server 4.0 operating system, English language version, with Service Pack 6a installed.

    • 128 MB of RAM, 256 MB recommended for Windows 2000 Server.

    • At least 250 MB of free disk space for Cisco Secure ACS. If you are running your database on the same machine, more disk space is required.

    • Minimum of 256 colors at resolution of 800 x 600 lines.

  • For a new installation of Cisco Secure ACS, use the Windows 2000 operating system. Upgrading a Cisco Secure ACS server from Windows NT 4.0 to Windows 2000 requires more steps than simply upgrading the operating system on your Cisco Secure ACS server. For more information, see Chapter 1, "Overview of Cisco Secure Access Control Server for Windows NT/2000 Servers".

  • For an upgrade of Cisco Secure ACS, follow the installation information in the "Installing Cisco Secure ACS 2.5 for Windows 2000/NT Server" reference card. You can only upgrade the operating system from Windows NT 4.0 to Windows 2000 after upgrading to the current version of Cisco Secure ACS.

  • To have Cisco Secure ACS refer to the Grant Dial-in Permission to User feature, make sure this option is selected in the Windows NT User Manager or Windows 2000 Active Directory for applicable user accounts.

  • Make sure your NAS is running Cisco IOS release 11.2 or higher or you are using a third-party device that can be configured with TACACS+ and/or RADIUS.

Note Be sure to read the Cisco IOS notes for important information on Year-2000 compliance.
  • Make sure dial-in clients can successfully dial in to your NAS.

  • Make sure the Windows 2000/NT Server can ping the NAS.

  • A compatible browser must be installed on the Windows 2000/NT server. Cisco Secure ACS has been tested with Microsoft Internet Explorer 5.0 and Netscape Communicator 4.72. See Release Notes for information about issues with a specific browser version.

  • Java and JavaScript support must be enabled.

Information You Need

  • You must have the following information in order to complete an installation of Cisco Secure ACS:

    • Security protocol:

      TACACS+ (Cisco) (default)


      RADIUS (Cisco IOS)

      RADIUS (Cisco VPN 3000)

      RADIUS (Cisco VPN 5000)

      RADIUS (Ascend)

    • Access server name:

    • Access server IP address:

    • Windows 2000/NT server IP address (if different from the IP address of this machine):

    • TACACS+ or RADIUS key (shared secret):

For More Information

The following additional documentation is available for your Cisco Secure ACS:

  • Installing Cisco Secure ACS 2.5 for Windows 2000/NT Server— Contains information and procedures for installing Cisco Secure ACS.

  • Web Server Installation for Cisco Secure ACS 2.5 for Windows 2000/NT User-Changeable Passwords—Contains information on installing and configuring the web server for use with the optional user-changeable password feature.

  • Online Help—Contains information for each associated window.

  • Online Documentation—A complete online copy of the Cisco Secure Access Control Server for Windows 2000/NT Servers Version 2.5 User Guide. This document is also available in PDF format on the Cisco Secure Access Control Server for Windows 2000/NT Servers Version 2.5 product CD-ROM.

You will also need the documentation for your NASes.

[an error occurred while processing this directive]