LTLnetworker | IT networks, security, Cisco

Archive for the ‘ACS’ Category

IOS Easy VPN with RADIUS, Cisco Secure ACS 5.1 and AAA cache

Posted by ltlnetworker on May 10, 2010


AAA Authorization and Authentication Cache was integrated in IOS 15.0(1)M. This feature lets the router store AAA credentials in its cache after it receives the RADIUS or TACACS+ reply to an AAA request. The cache can be used either as a performance boost (avoiding requests to the AAA server) or as a fallback method in case the servers are unreachable. The mode depends on the order in which you place your authentication methods in the aaa commands (see below).

In this example we are caching TACACS admin users’ credentials (telnet, vty) and RADIUS VPN users’ credentials (IKE xauth). The VPN group is also defined on the RADIUS server.


Posted in ACS, Cisco, IPsec, remote access, router IOS