Manualshelf

Specifications

ManualsBrandsHP ManualsComputer equipment3350 - Cisco NAC Appliance
251252253254255256257258259260
7-26
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 7 User Management: Configuring Authentication Servers
Adding an Authentication Provider
Allow All
The AllowAll option is a special authentication type that provides an alternative to the Guest Access
login button feature. It allows users to type in any credential to login (e.g., an email address for user name
and/or password) but does not validate the credentials. This option can be used when administrators want
to capture limited information on who is logging in (such as a list of email addresses). The identifier the
user submits in the login page will appear as the User Name in the Online Users page while the user is
logged in. In this case, administrators should also modify the Username Label button label on the login
page to reflect the type of value they want users to enter as a credential. See Guest User Access,
page 5-17 for additional details.
Note The AllowAll auth type can be applied to users other than “guest.” Any normal login role (e.g. one
configured for posture assessment) can be specified as the Default Role for the AllowAll auth type.
Step 1 Go to User Management > Auth Servers > New.
Step 2 From the Authentication Type dropdown menu, choose Allow All.
Figure 7-17 Allow All Auth Server Type
Step 3
Provider Name—Type a unique name for this authentication provider. Enter a meaningful or
recognizable name if web login users will be able to select providers from the web login page.
Step 4 Default Role—Choose the user role assigned to users authenticated by this provider. This default role
is used if not overridden by a role assignment based on MAC address or IP address.
Step 5 Description—Enter an optional description of this auth server for reference.
Step 6 Click Add Server.
Guest
The Guest option is very similar in implementation and application to the Allow All auth server type
and it serves as a useful alternative to guest users simply logging in via the existing guest access button
on the web login page. Like the Allow All auth server type, the Guest option allows users to type in any
credential to login (e.g., an Email address for user name and/or password) but does not validate the
credentials, but also enables you to collect other required or optional information not available in the