02-10-2017 03:01 AM - edited 03-11-2019 12:26 AM
Hi everyone,
In my lab setup, I configured an ACS server and created some test user accounts.
I added my switch to the ACS Client Device List and users are being authenticated perfectly fine.
In the second lab scenario, I haven't added the second switch to the ACS Client Device List; I am only pointing my second switch to the ACS server. Strangely, I can see that I can log on to the switch with the users I've created in the ACS server.
My question is: what role does the ACS Client Device List play?
If ACS is authenticating my users without my second switch being added, then what's the point ....
OR
Am I missing any config to check if the devices are in some sort of Trusted list?
Please advise...
Regards,
S
02-10-2017 03:18 AM
I believe the client list you put the switch into is used for remote management of that device and not for authenticating users.
02-10-2017 03:40 AM
Thank you guys...
I have found the answer to my own question.
Below the "Network Devices and AAA Clients" there is "Default Network devices". This defines the default shared secret for the RADIUS devices. If a device is not listed in the Network Device list but has the same shared secret, then ACS takes the device as the default device, provided the shared secret is configured the same as the one in the Device list.
Regards,
S
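The behaviour described in the last reply, as an added example (not part of the original thread and not ACS code): a simplified Python model of a RADIUS server that picks the shared secret by source IP, falls back to a default-device secret, and recovers the User-Password as in RFC 2865 section 5.2. The addresses, secrets, user name and function names are constructed for illustration.

```python
import hashlib

def hide_password(password, secret, ra):
    """Client side: RFC 2865 5.2 User-Password hiding."""
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", ra
    for i in range(0, len(padded), 16):
        key = hashlib.md5(secret + prev).digest()
        prev = bytes(a ^ b for a, b in zip(padded[i:i + 16], key))
        out += prev
    return out

def reveal_password(hidden, secret, ra):
    """Server side: undo the hiding with the secret chosen for this client."""
    out, prev = b"", ra
    for i in range(0, len(hidden), 16):
        key = hashlib.md5(secret + prev).digest()
        block = hidden[i:i + 16]
        out += bytes(a ^ b for a, b in zip(block, key))
        prev = block
    return out.rstrip(b"\x00")

def authenticate(src_ip, user, hidden, ra, devices, default_secret, users):
    # Listed clients use their own secret; anything else gets the default one.
    secret = devices.get(src_ip, default_secret)
    if secret is None:  # no default device configured
        return "dropped: unknown client"
    if user in users and reveal_password(hidden, secret, ra) == users[user]:
        return "accept via " + ("device list" if src_ip in devices else "default device")
    return "reject"

# Constructed lab values (assumptions, not taken from the thread)
DEVICES = {"10.0.0.1": b"LabSecret1"}   # first switch, listed explicitly
USERS = {"testuser": b"Passw0rd!"}
RA = bytes(range(16))  # fixed Request Authenticator so results are repeatable

def demo():
    pw = USERS["testuser"]
    same = hide_password(pw, b"LabSecret1", RA)    # switch configured with the default secret
    other = hide_password(pw, b"OtherSecret", RA)  # switch configured with a different secret
    return [
        authenticate("10.0.0.1", "testuser", same, RA, DEVICES, b"LabSecret1", USERS),
        authenticate("10.0.0.2", "testuser", same, RA, DEVICES, b"LabSecret1", USERS),
        authenticate("10.0.0.2", "testuser", other, RA, DEVICES, b"LabSecret1", USERS),
        authenticate("10.0.0.2", "testuser", same, RA, DEVICES, None, USERS),
    ]

if __name__ == "__main__":
    print("\n".join(demo()))
```

In this model, the unlisted switch at 10.0.0.2 is accepted only while a default secret exists and matches; with no default secret its request is dropped before any user check.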