Support User Manuals

Cisco Systems IPS 7.1 Home Security System User Manual

Open as PDF

of 1042

4-23

Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1

OL-19892-01

Chapter 4 Setting Up the Sensor

Configuring Authentication and User Parameters

e. Enter the secret value that you obtained from the RADIUS server. The shared secret is a piece of

data known only to the parties involved in a secure communication.

sensor(config-aaa-rad-pri)# shared-secret kkkk

sensor(config-aaa-rad-pri)#

Note You must have the same secret value configured on both the RADIUS server and the IPS

sensor so that the server can authenticate the requests of the client and the client can

authenticate the responses of the server.

Step 7 (Optional) Enable a secondary RADIUS server to perform authentication in case the primary RADIUS

server is not responsive:

a. Enter secondary server submode.

sensor(config-aaa-rad)# secondary-server enabled

sensor(config-aaa-rad-sec)#

b. Enter the IP address of the second RADIUS server.

sensor(config-aaa-rad-sec)# server-address 10.4.5.6

sensor(config-aaa-rad-sec)#

c. Enter the RADIUS server port. If not specified, the default RADIUS port is used.

sensor(config-aaa-rad-sec)# server-port 1812

sensor(config-aaa-rad-sec)#

d. Enter the amount of time in seconds you want to wait for the RADIUS server to respond.

sensor(config-aaa-rad-sec)# time-out 8

sensor(config-aaa-rad-sec)#

e. Enter the secret value you obtained for this RADIUS server. The shared secret is a piece of data

known only to the parties involved in a secure communication.

sensor(config-aaa-rad-sec)# shared-secret yyyyy

sensor(config-aaa-rad-sec)#

Note You must have the same secret value configured on both the RADIUS server and the IPS

sensor so that the server can authenticate the requests of the client and the client can

authenticate the responses of the server.

Step 8 Specify the type of console authentication.

sensor(config-aaa-rad)# console-authentication radius-and-local

sensor(config-aaa-rad)#

You can choose local, local and RADIUS, or RADIUS.

Step 9 Verify the settings:

sensor(config-aaa-rad)# show settings

radius

-----------------------------------------------

primary-server

-----------------------------------------------

server-address: 10.1.2.3

server-port: 1812 <defaulted>

shared-secret: kkkk

previous next