Solved: Configuring AAA network client on ACS v5.1 using the same RADIUS atributes from ACS v3.3

mourad lafjer · ‎02-06-2012

Hello,

I was wondering if i should use the same RADIUS VSA attribute on ACS v5.1 to authenticate AAA clients as those i was using on my old ACS v3.3 server.

Exemple : under ACS v3.3 i was using RADIUS (Cisco Aironet) attribute to authenticate AP & WLC, should i do the same under ACS v5.1 ?

Best regards.

camejia · ‎02-08-2012

Hello,

When defining AAA client on the new ACS 5.x server you just select TACACS+ or RADIUS. We no longer define the RADIUS "vendor"/"VSA" when creating the AAA Client entry. All AAA client would be defined as RADIUS or TACACS+ only.

If you were using specific VSA Attributes then you need to send those attributes back configuring Authorization Profiles on the ACS 5.x. You will find the specific VSA attributes there. Refer to the following screenshots:

And here are the available attributes for the ACS for RADIUS Aironet:

NOTE: click images to enlarge.

If this was helpful please rate.

Regards

View solution in original post

camejia · ‎02-08-2012

Hello,

When defining AAA client on the new ACS 5.x server you just select TACACS+ or RADIUS. We no longer define the RADIUS "vendor"/"VSA" when creating the AAA Client entry. All AAA client would be defined as RADIUS or TACACS+ only.

If you were using specific VSA Attributes then you need to send those attributes back configuring Authorization Profiles on the ACS 5.x. You will find the specific VSA attributes there. Refer to the following screenshots:

And here are the available attributes for the ACS for RADIUS Aironet:

NOTE: click images to enlarge.

If this was helpful please rate.

Regards

mourad lafjer · ‎02-08-2012

Hello Sir,

Thank you very much for your answer, i've tested RADIUS authentication without choosing an attribute and that worked fine.

Best regards.