Manualshelf

Troubleshooting guide

ManualsBrandsCisco ManualsComputer equipmentWide Area Virtualization Engine 274
211212213214215216217218219220
1-12
Cisco Wide Area Application Services Configuration Guide
OL-26579-01
Chapter 1 Configuring Administrative Login Authentication, Authorization, and Accounting
Configuring Administrative Login Authentication and Authorization
A message appears that explains that if a null-modem cable that has no carrier detect pin wired is being
used, the WAE may appear unresponsive on the console until the carrier detect signal is asserted. To
recover from a misconfiguration, the WAE should be rebooted and the 0x2000 bootflag should be set to
ignore the carrier detect setting.
Step 5 Click OK to continue.
To configure console line carrier detection from the CLI, you can use the line console carrier-detect
global configuration command.
Configuring Remote Authentication Server Settings for WAAS Devices
If you have determined that your login authentication scheme is to include one or more external
authentication servers, you must configure these server settings before you can configure the
authentication scheme in the WAAS Central Manager GUI. The section contains the following topics:
Configuring RADIUS Server Authentication Settings, page 1-12
About TACACS+ Server Authentication Settings, page 1-14
Configuring TACACS+ Server Settings, page 1-15
Configuring Windows Domain Server Authentication Settings, page 1-17
LDAP Server Signing, page 1-23
Configuring RADIUS Server Authentication Settings
RADIUS is a client/server authentication and authorization access protocol used by a network access
server (NAS) to authenticate users attempting to connect to a network device. The NAS functions as a
client, passing user information to one or more RADIUS servers. The NAS permits or denies network
access to a user based on the response that it receives from one or more RADIUS servers. RADIUS uses
the User Datagram Protocol (UDP) for transport between the RADIUS client and server.
RADIUS authentication clients reside on devices that are running WAAS software. When enabled, these
clients send authentication requests to a central RADIUS server, which contains user authentication and
network service access information.
You can configure a RADIUS key on the client and server. If you configure a key on the client, it must
be the same as the one configured on the RADIUS servers. The RADIUS clients and servers use the key
to encrypt all RADIUS packets transmitted. If you do not configure a RADIUS key, packets are not
encrypted. The key itself is never transmitted over the network.
Note For more information about how the RADIUS protocol operates, see RFC 2138, Remote Authentication
Dial In User Service (RADIUS).