Table of Contents
Advertisement
Chapter 11
Working with User Databases
Note
Configuring a LEAP Proxy RADIUS Server External User Database
Step 1
Step 2
Step 3
78-13751-01, Version 3.0
The third-party RADIUS server must return Microsoft Point-to-Point
Encryption (MPPE) keys in the Microsoft RADIUS vendor-specific attribute
(VSA) MSCHAP-MPPE-Keys (VSA 12). If the third-party RADIUS server
does not return the MPPE keys, the authentication fails and is logged in the
Failed Attempts log.
Cisco Secure ACS support RADIUS-based group mapping for users
authenticated by LEAP Proxy RADIUS Server databases. For more information,
see the
"RADIUS-Based Group Specification" section on page
You should install and configure your proxy RADIUS server before configuring
Cisco Secure ACS to authenticate users with it. For information about installing
the proxy RADIUS server, refer to the documentation included with your
RADIUS server.
To configure LEAP proxy RADIUS authentication, follow these steps:
In the navigation bar, click External User Databases.
Click Database Configuration.
Result: Cisco Secure ACS displays a list of all possible external user database
types.
Click LEAP Proxy RADIUS Server.
Result: If no LEAP Proxy RADIUS Server configuration exists, only the Database
Configuration Creation table appears. Otherwise, in addition to the Database
Configuration Creation table, the External User Database Configuration table
appears.
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
LEAP Proxy RADIUS Server Database
12-21.
11-45
Advertisement
Table of Contents
Troubleshooting
