cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

1141
Views
10
Helpful
2
Replies

where is the shared secret field for the ACS 5.3 server itself?

Hi,

We currently have a distributed PR and DR ACS 5.3 setup, set up with tacacs devices and one radius device.

The radius device is used Opnet's  AppResponse Xpert Admin. We are trying to intergrate AppResponse Xpert Admin with ACS.

The GUI for AppResponse Xpert Admin is asking for the radius server ip address - i.e our ACS , radius port  - i.e 1812 and "secret" - I'm guessing this means the shared secret of the actual ACS itself (not the shared secret used by network devices) .

On our ACS 4.2 systems we have a field for a shared secret regarding the ACS server itself (to authorise replication?).

Using the search function for "Shared Secret"  in pdf "User Guide for Cisco Secure Access Conrol System 5.3" has only found references to setting one for network devices and not a field for the ACS itself.

Is a ACS server shared secret still relevant for the ACS 5.x system?

1 ACCEPTED SOLUTION

Accepted Solutions
edwjames
Participant

Hi Stuart,

To answer your question:

There is no shared secret for the ACS itself.

If the ACS is going to communicate with another device, you have to define a AAA client and define a shared secret.

ACS 4, used that shared secret to protect/secure the replication, in ACS 5, the replication secured with encryption and not shared secrets(hash).

Rate if useful

**Share your knowledge. It’s a way to achieve immortality. --Dalai Lama** Please Rate if helpful. Regards Ed

View solution in original post

2 REPLIES 2
edwjames
Participant

Hi Stuart,

To answer your question:

There is no shared secret for the ACS itself.

If the ACS is going to communicate with another device, you have to define a AAA client and define a shared secret.

ACS 4, used that shared secret to protect/secure the replication, in ACS 5, the replication secured with encryption and not shared secrets(hash).

Rate if useful

**Share your knowledge. It’s a way to achieve immortality. --Dalai Lama** Please Rate if helpful. Regards Ed

Just to add ACS 5.x uses RMI over SSL with 3des cipher suit.

WOW edward +5 from me

Jatin Katyal


- Do rate helpful posts -

~Jatin
Create
Recognize Your Peers
Content for Community-Ad

ISE Webinars


Miss a previous ISE webinar?
Never miss one again!

CiscoISE on YouTube