Manualshelf

Troubleshooting guide

ManualsBrandsCisco ManualsComputer equipmentWide Area Virtualization Engine 274
201202203204205206207208209210
CHAPTER
1-1
Cisco Wide Area Application Services Configuration Guide
OL-26579-01
1
Configuring Administrative Login Authentication,
Authorization, and Accounting
This chapter describes how to configure administrative login authentication, authorization, and
accounting for Wide Area Application Services (WAAS) devices.
This chapter contains the following sections:
About Administrative Login Authentication and Authorization, page 1-1
Configuring Administrative Login Authentication and Authorization, page 1-5
Configuring AAA Command Authorization, page 1-31
Configuring AAA Accounting for WAAS Devices, page 1-31
Viewing Audit Trail Logs, page 1-33
You use the WAAS Central Manager GUI to centrally create and manage two different types of
administrator user accounts (device-based CLI accounts and roles-based accounts) for your WAAS
devices. For more information, see Chapter 1, “Creating and Managing Administrator User Accounts
and Groups.
Note Throughout this chapter, the term WAAS device is used to refer collectively to the WAAS Central
Managers and WAEs in your network. The term WAE refers to WAE appliances, WAE Network Modules
(the NME-WAE family of devices), and SM-SRE modules running WAAS.
About Administrative Login Authentication and Authorization
In the WAAS network, administrative login authentication and authorization are used to control login
requests from administrators who want to access a WAAS device for configuring, monitoring, or
troubleshooting purposes.
Login authentication is the process by which WAAS devices verify whether the administrator who is
attempting to log in to the device has a valid username and password. The administrator who is logging
in must have a user account registered with the device. User account information serves to authorize the
user for administrative login and configuration privileges. The user account information is stored in an
AAA database, and the WAAS devices must be configured to access the particular authentication server
(or servers) where the AAA database is located. When the user attempts to login to a device, the device
compares the person’s username, password, and privilege level to the user account information that is
stored in the database.