Advanced User Authentication Settings
Step 3
Step 4
Setting Microsoft RADIUS Parameters for a User
User Guide for Cisco Secure ACS for Windows Server
7-46
In the Cisco VPN 5000 Concentrator Attribute table, to specify the attributes that
should be authorized for the user, follow these steps:
Select the check box next to the particular attribute.
a.
Further define the authorization for that attribute in the box next to it.
b.
Continue to select and define attributes, as applicable.
c.
For more information about attributes, see
Attributes,"
or your AAA client documentation.
Do one of the following:
If you are finished configuring the user account options, click Submit to
•
record the options.
•
To continue to specify the user account options, perform other procedures in
this chapter, as applicable.
Microsoft RADIUS provides VSAs supporting Microsoft Point-to-Point
Encryption (MPPE), which is an encryption technology developed by Microsoft
to encrypt point-to-point (PPP) links. These PPP connections can be via a dial-in
line, or over a Virtual Private Network (VPN) tunnel. The Microsoft RADIUS
attribute configurations display only if both the following are true:
A AAA client has been configured in Network Configuration that uses a
•
RADIUS protocol that supports the Microsoft RADIUS VSA.
The Per-user TACACS+/RADIUS Attributes check box is selected under
•
Advanced Options in the Interface Configuration section.
The user-level RADIUS (Microsoft) attributes you want to apply have been
•
enabled under RADIUS (Microsoft) in the Interface Configuration section.
The following Cisco Secure ACS RADIUS protocols support the Microsoft
RADIUS VSA:
Cisco IOS
•
•
Cisco VPN 3000
Cisco VPN 5000
•
Ascend
•
Chapter 7
Setting Up and Managing User Accounts
Appendix C, "RADIUS
78-14696-01, Version 3.1