Filter
Top Products
9-20
Configuration Guide for Cisco Secure ACS 4.2
OL-14390-02
Chapter 9 NAC Configuration Scenario
Step 5: Set Up Shared Profile Components
Step 5 Click Submit.
After performing these steps, from a remote host, you can open a browser in which to administer ACS.
The URLs for remote access are:
• http://IP_address:2002
• http://hostname:2002
Step 5: Set Up Shared Profile Components
Before you can set up NAPs, you must set up Shared Profile Components.
Shared Profile Components are configurations that can be reused across many different NAPs to set up
filtering within ACS or to control network authorizations within RADIUS.
A NAP is a classification of network-access requests for applying a common policy. You can use NAPs
to aggregate all policies that should be activated for a certain location in the network or for users who
connect to the network by using specified protocols such as EAP over UDP (EoU) or 802.1x.
For detailed information on NAPs, see Chapter 14 of the User Guide for Cisco Secure ACS, 4.2,
“Network Access Profiles.”
This section describes the following tasks:
• Configure Network Access Filtering (Optional), page 9-20
• Configure Downloadable IP ACLs, page 9-21
• Configure Radius Authorization Components, page 9-25
Configure Network Access Filtering (Optional)
NAF is an ACS feature that groups several devices into one group. The devices can be ACS clients, ACS
servers, ACS network device groups (NDGs), or a specific IP address. NAFs are particularly useful for
defining NAPs.
When you set up Downloadable IP ACLs, you can:
• Assign the default NAF, which is All AAA Clients.
This default allows access to all clients.
• Set up a NAF to limit access to specified clients.
To set up a NAF:
Step 1 In the navigation bar, click Shared Profile Components.
The Shared Profile Components page opens.
Step 2 Click Network Access Filtering.
The Network Access Filtering table appears. Initially, this table does not contain shared
profile
components.
Step 3 Click Add.
The Edit Network Access Filtering page opens, as shown in Figure 9-11.