Chapter 8
Establishing Cisco Secure ACS System Configuration
Step 5
Global Authentication Setup
Configuring Authentication Options
Step 1
Step 2
Step 3
78-14696-01, Version 3.1
You can now install the replacement certificate in the same manner as an original
certificate. For detailed steps, see
Certificate, page
8-74.
Use the Global Authentication Setup page to specify the settings for all EAP and
MS-CHAP authentication requests.
Use this procedure to select and configure how Cisco Secure ACS handles options
for authentication. In particular, use this procedure to specify and configure the
varieties of EAP that you allow, and to specify whether you allow either
MS-CHAP Version 1 or MS-CHAP Version 2, or both.
For more information on the EAP-TLS Protocol, see
Protocol, page
8-70; for more information on the PEAP protocol, see
PEAP Protocol, page
8-72. For details regarding how various password protocols
are supported by the various databases, see
Compatibility, page
1-9.
To configure authentication options, follow these steps:
In the navigation bar, click System Configuration.
Click Global Authentication Setup.
Result: Cisco Secure ACS displays the Global Authentication Setup page.
If you want to allow PEAP, follow these steps:
In the EAP Configuration table, select the Allow PEAP check box.
a.
In the PEAP client initial display message: box, type the message you want
b.
displayed during PEAP authentication. The message has a limit of 60
characters.
Installing a Cisco Secure ACS Server
Authentication Protocol-Database
User Guide for Cisco Secure ACS for Windows Server
Global Authentication Setup
About the EAP-TLS
About the
8-81