7-20
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 7 Managing Network Resources
Working with External Proxy Servers
Step 2 Do one of the following:
• Click Create.
• Check the check box next to the external proxy server that you want to duplicate, then click
Duplicate.
• Click the external proxy server name that you want to edit, or check the check box next to the name
and click Edit.
The External Proxy Servers page appears.
Step 3 Edit fields in the External Proxy Servers page as shown in Table 7-7.
Step 4 Click Submit to save the changes.
The external Proxy Server configuration is saved. The External Proxy Server page appears with the new
configuration.
Table 7-7 External Policy Servers Page
Option Description
General
Name Name of the external RADIUS or TACACS+ server.
Description (Optional) The description of the external RADIUS or TACACS+ server.
Server Connection
Server IP Address IP address of the external RADIUS or TACACS+ server.
Shared Secret Shared secret between ACS and the external RADIUS or TACACS+ server that is used for
authenticating the external RADIUS or TACACS+ server.
A shared secret is an expected string of text that a user must provide to enable the network device to
authenticate a username and password. The connection is rejected until the user supplies the shared
secret.
Show/Hide button is available to view the Shared secret in plain text or hidden format.
Advanced Options
RADIUS Choose to create RADIUS proxy server.
TACACS+ Choose to create TACACS+ proxy server.
CiscoSecure ACS Default choice. Supports both RADIUS and TACACS+.
Authentication Port RADIUS authentication port number. The default is 1812.
Accounting Port RADIUS accounting port number. The default is 1813.
Server Timeout Number of seconds ACS waits for a response from the external RADIUS server. The default is 5
seconds. Valid values are from 1 to 999.
Connection
Attempts
Number of times ACS attempts to connect to the external RADIUS server. The default is 3 attempts.
Valid values are from 1 to 99.
Connection Port TACACS+ connection port. The default is 49.
Network Timeout Number of seconds ACS waits for a response from the external TACACS+ server. The default is 20
seconds.