9-5
Configuration Guide for Cisco Secure ACS 4.2
OL-14390-02
Chapter 9 NAC Configuration Scenario
Step 3: Set Up System Configuration
Step 2 In the AAA Servers table, click the name of the AAA server in the AAA Server Name column.
The AAA Server Setup page opens, shown in Figure 9-2.
Figure 9-2 AAA Server Setup Page
Step 3 In the Key field, enter the shared secret that you used to set up the AAA clients.
Step 4 Click Submit and Apply.
Step 3: Set Up System Configuration
This section describes the following tasks:
• Install and Set Up an ACS Security Certificate, page 9-5
• Set Up Global Configuration, page 9-8
Install and Set Up an ACS Security Certificate
You must configure ACS with a digital certificate for establishing client trust when ACS challenges the
client for its credentials. Note these points:
• For authenticated in-band Protected Access Credential (PAC) provisioning for EAP-FAST, the client
must have a certificate that matches the one installed in ACS.
• For the most scalable NAC environments, Cisco recommends a production public key infrastructure
(PKI) that the production certificate authority (CA) or registration authorities (RAs) sign.
This section describes a simplified procedure for the ACS for Windows platform. For detailed
information on installing certificates and for information on how to install certificates on the Cisco
Secure ACS Solution Engine platform, see Chapter 9 of the User Guide for Cisco Secure ACS 4.2,
“Advanced Configuration: Authentication and Certificates.”