Configuring RADIUS and TACACS+ with CSACS
Installation steps

During new installations, or upgrades and reinstallations that do not preserve the existing configuration, the installation requires specific information about the computer that Cisco Secure ACS will be installed on and an AAA client on the network. To facilitate the installation, collect the applicable information before beginning the installation .

NOTE:

If Cisco Secure ACS is being upgraded or reinstalled and the existing configuration and database are to be kept, it is not necessary to perform the following procedure, which requires information already recorded in the original Cisco Secure ACS installation.

To collect information that is required during the installation of Cisco Secure ACS, follow these steps:

Step 1
Determine whether the computer that Cisco Secure ACS will be installed on is a domain controller or a member server. If Cisco Secure ACS is going to be used to authenticate users with a Windows domain user database, be aware that after Cisco Secure ACS is installed additional Windows configuration is necessary.

Step 2
For the first AAA client that will be configured to use AAA services provided by Cisco Secure ACS, determine which AAA protocol and vendor-specific attribute to implement:

  • TACACS+ (Cisco IOS)
  • RADIUS (Cisco Aironet)
  • RADIUS (Cisco BBSM)
  • RADIUS (Cisco IOS/PIX)
  • RADIUS (Cisco VPN 3000)
  • RADIUS (Cisco VPN 5000)
  • RADIUS (IETF)
  • ADIUS (Ascend)
  • RADIUS (Juniper)
  • RADIUS (Nortel)
  • RADIUS (iPass)

Step 3
Record the name of the AAA client.

Step 4
Record the IP address of the AAA client.

Step 5
Record the IP address of the computer where Cisco Secure ACS will be installed.

Step 6
Record the TACACS+ or RADIUS key

Installation Steps
The Cisco Secure ACS installation can be condensed to the following steps:

  1. Preconfigure the Windows 2000 Server system.
  2. Verify a basic network connection between the Windows 2000 Server and the router or routers using ping and Telnet.
  3. Install Cisco Secure ACS for Windows Server on the Windows 2000 Server system.
  4. Initially configure Cisco Secure ACS for Windows Server via the web browser interface.
  5. Configure the router or routers for AAA.
  6. Verify correct installation and operation.

In the lab, students will install Cisco Secure ACS on a Windows 2000 server and learn to use its features to help administer the network.


Lab Activity

Lab Exercise: Install and Configure CSACS 3.3 for Windows

In this lab, students will install Cisco Secure Access Control Server (CSACS) for Windows 2000. Students will then examine the features of CSACS for Windows.

Resources

Resource: Installing Cisco Secure ACS 3.0 and greater for Windows 2000