Filter
Top Products
Chapter 11 Working with User Databases
Token Server User Databases
11-52
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Step 6 Click Configure.
Step 7 In the following boxes, type the required information:
• Primary Server Name/IP—The hostname or IP address of the primary
RADIUS token server. If you provide the hostname, the hostname must be
resolvable by DNS.
• Secondary Server Name/IP—The hostname or IP address of the secondary
RADIUS token server. If you provide the hostname, the hostname must be
resolvable by DNS.
• Shared Secret—The shared secret of the RADIUS server. This must be
identical to the shared secret with which the RADIUS token server is
configured.
• Authentication Port—The TCP port over which the RADIUS server
conducts authentication sessions. If the RADIUS token server is installed on
the same Windows NT/2000 server as Cisco Secure ACS, this port should not
be the same port used by Cisco Secure ACS for RADIUS authentication. For
more information about the ports used by Cisco Secure ACS for RADIUS,
see the “RADIUS” section on page 1-6.
• Timeout (seconds):—The number of seconds Cisco Secure ACS waits for a
response from the RADIUS token server before retrying the authentication
request.
• Retries—The number of authentication attempts Cisco Secure ACS makes
before failing over to the secondary RADIUS token server.
• Failback Retry Delay (minutes)—The number of minutes that
Cisco Secure ACS sends authentication requests to the secondary server
when the primary server has failed. When this duration is ended,
Cisco Secure ACS reverts to sending authentication requests to the primary
server.
Note If both the primary and the secondary servers fail,
Cisco Secure ACS alternates between both servers until one
responds.