Cisco Systems OL-24201-01 Camera Accessories User Manual


 
18-6
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 18 Managing System Administration Configurations
Managing Dictionaries
RADIUS (RedCreek)
RADIUS (US Robotics)
TACACS+
To view and choose attributes from a protocol dictionary, select System Administration >
Configuration > Dictionaries > Protocols; then choose a dictionary.
The Dictionary page appears with a list of available attributes as shown in Table 18-7:
Use the arrows to scroll through the attribute list.
ACS 5.3 also supports RADIUS vendor-specific attributes (VSAs). A set of predefined RADIUS VSAs
are available. You can define additional vendors and attributes from the ACS web interface. You can
create, edit, or delete RADIUS VSAs.
After you have defined new VSAs, you can use them in policies, authorization profiles, and RADIUS
token servers in the same way as predefined VSAs. For more information, see:
RADIUS VSAs, page A-6.
Creating, Duplicating, and Editing RADIUS Vendor-Specific Attributes, page 18-6
Creating, Duplicating, and Editing RADIUS Vendor-Specific Attributes
Vendor-Specific Attributes (VSAs) allow vendors to create extension to the RADIUS attributes. The
vendors have a specific vendor number assigned to them. VSAs are attributes that contain subattributes.
ACS 5.3 allows you to create, duplicate, or edit RADIUS VSA (VSAs). To do this:
Some of the internally used attributes cannot be modified.
You cannot modify an attribute’s type if the attribute is used by any policy or policy element.
Step 1 Choose System Administration > Configuration > Dictionaries > Protocols > RADIUS VSA.
Step 2 Do one of the following:
Click Create.
Check the check box next to the RADIUS VSA that you want to duplicate, then click Duplicate.
Check the check box next to the RADIUS VSA that you want to edit, then click Edit.
The Create RADIUS VSA page appears. Modify the fields as described in Table 18-8.
Table 18-7 Protocols Dictionary Page
Option Description
Attribute Name of the attribute.
ID (RADIUS only) The VSA ID.
Type Data type of the attribute.
Direction (RADIUS only) Specifies where the attribute is in use: in the request, in the response, or both. Single
or bidirectional authentication.
Multiple Allowed (RADIUS only) Multiple attributes are allowed. Attributes that specify multiple allowed can be used
more than once in one request or response.