Manualshelf

Troubleshooting guide

ManualsBrandsCisco ManualsComputer equipmentWide Area Virtualization Engine 274
221222223224225226227228229230
1-13
Cisco Wide Area Application Services Configuration Guide
OL-26579-01
Chapter 1 Configuring Administrative Login Authentication, Authorization, and Accounting
Configuring Administrative Login Authentication and Authorization
RADIUS authentication usually occurs when an administrator first logs in to the WAAS device to
configure the device for monitoring, configuration, or troubleshooting purposes. RADIUS
authentication is disabled by default. You can enable RADIUS authentication and other authentication
methods at the same time. You can also specify which method to use first.
You can configure multiple RADIUS servers; authentication is attempted on the servers in order. If the
first server is unreachable, then authentication is attempted on the other servers in the farm, in order. If
authentication fails for any reason other than a server is unreachable, authentication is not attempted on
the other servers in the farm.
Tip The WAAS Central Manager does not cache user authentication information. Therefore, the user is
reauthenticated against the RADIUS server for every request. To prevent performance degradation
caused by many authentication requests, install the WAAS Central Manager device in the same location
as the RADIUS server, or as close as possible to it, to ensure that authentication requests can occur as
quickly as possible.
To centrally configure RADIUS server settings for a WAAS device or device group, follow these steps:
Step 1 From the WAAS Central Manager menu, choose Devices > device-name (or Device Groups >
device-group-name).
Step 2 Choose Configure > Security > AAA > RADIUS. The RADIUS Server Settings window appears. (See
Figure 1-3.)
Figure 1-3 RADIUS Server Settings Window
Step 3
In the Time to Wait field, specify how long the device or device group should wait for a response from
the RADIUS server before timing out. The range is from 1 to 20 seconds. The default value is 5 seconds.
Step 4 In the Number of Retransmits field, specify the number of attempts allowed to connect to a RADIUS
server. The default value is 2 times.
Step 5 In the Shared Encryption Key field, enter the secret key that is used to communicate with the RADIUS
server.