Configuring authentication
Using the console server plug-in, you can configure two of the centralized authentication types available: the DSView 3 management software or the Radius authentication server.
DSView 3 management software configuration
To enable centralized authentication in the DSView 3 software, first select one of the three DSView 3 software authentication types: DSView, DSView/Local or DSViewDownLocal. When the DSView 3 software centralized authentication service is configured, the DSView 3 server is used to authenticate users accessing the console server.
To select a DSView 3 software authentication type:
|
1.
|
In a Units View window containing an ACS 5000 console server, click Appliance Settings - Authentication Type in the side navigation bar. |
|
2.
|
Select an Authentication Type from the drop-down list. Click Save. |
|
3.
|
Click Flash Required to save your changes to the console server Flash memory. |
You may use the Appliance Settings - Appliance Authentication Servers - DSView page to configure up to four DSView 3 software authentication servers for the DSView, DSViewLocal or DSViewDownLocal authentication methods.
NOTE: To configure IPv6 addresses, the console server must have firmware version 3.3 or later.
To configure DSView 3 software authentication servers:
|
1.
|
In a Units View window containing an ACS 5000 console server, click Appliance Settings - Authentication Servers - DSView in the side navigation bar. |
|
2.
|
Enter the IPv4 or IPv6 addresses of up to four DSView 3 software authentication servers on your network. Click Save. |
|
3.
|
Click Flash Required to save your changes to the console server Flash memory. |
Radius authentication server configuration
The console server also supports the Radius authentication server. You may use the Appliance Authentication Servers - Radius page to configure up to four Radius authentication servers.
To configure Radius authentication servers:
|
1.
|
In a Units View window containing an ACS 5000 console server, click Appliance Settings - Authentication Servers - Radius in the side navigation bar. |
|
2.
|
Enter the IPv4 or IPv6 addresses of up to four Radius authentication servers on your network (up to two authentication servers and up to two accounting servers). |
|
3.
|
In the Secret field, enter the secret configured in the Radius Server. |
|
4.
|
In the Timeout field, enter the amount of time in seconds the console server will wait for the Radius server to respond before trying again. |
|
5.
|
In the Retries field, enter the number of retries to attempt if the Radius server does not respond before trying the secondary server. |
|
6.
|
Select the Enable Service-Type attribute checking checkbox to authorize the console server to retrieve the level of the user (admin or regular) based on the Service-Type attribute from the Radius server. |
|
8.
|
Click Flash Required to save your changes to the console server Flash memory. |