Cisco 3.3 User Manual page 81

Chapter 2 Deployment Considerations
•
Table 2-1
AAA clients, other Cisco Secure ACSes and applications, and web browsers.
Cisco Secure ACS uses other ports to communicate with external user databases;
however, it initiates those communications rather than listening to specific ports.
In some cases, these ports are configurable, such as with LDAP and RADIUS
token server databases. For more information about ports that a particular external
user database listens to, see the documentation for that database.
Table 2-1
Feature/Protocol
RADIUS authentication and authorization
RADIUS accounting
TACACS+
CiscoSecure Database Replication
RDBMS Synchronization with
synchronization partners
User-Changeable Password web application
Logging
Administrative HTTP port for new sessions
Administrative HTTP port range
78-16592-01
We tested Cisco Secure ACS on computers that have only one
Note
network interface card.
If you want to have Cisco Secure ACS use the "Grant Dial-in Permission to
User" feature in Windows when authorizing network users, this option must
be selected in the Windows User Manager or Active Directory Users and
Computers for the applicable user accounts.
lists the ports that Cisco Secure ACS listens to for communications with
Ports that Cisco Secure ACS Listens To
User Guide for Cisco Secure ACS for Windows Server
Basic Deployment Requirements for Cisco Secure ACS
UDP or TCP?
UDP
UDP
TCP
TCP
TCP
TCP
TCP
TCP
TCP
Ports
1645, 1812
1646, 1813
49
2000
2000
2000
2001
2002
Configurable;
default 1024
through 65535
2-5