Cisco Internal Use Only
Copyright © 2001 Cisco Systems, Inc. All rights reserved.
– EAP Proxy
• IETF RADIUS tunnel support (RFC 2867, RFC 2868)
• Automatic and customizable Reply-Message generation
Accounting
• Local file
– Store accounting records in single file or multiple files
– Automatic file rollover based on file age, size, or specific time
• Proxy
– Option to ignore acknowledgements and continue processing
• Database
– Write accounting records directly to an Oracle or MySQL database
– Schema independent
– Buffering option for higher throughput and fault tolerance
Proxy/Database/LDAP Configuration
• Define a list of remote systems to be used in failover or round-robin modes
• Accept All, Reject All, and Drop Packet outage policies available when no remote systems are available
• Define the individual characteristics of each remote system; for example, ports, timeouts, retries, or reactivate timers
• Sophisticated algorithms to detect status of remote systems
Request Processing Decisions
• Process requests using different methods; for example, use LDAP for some access requests, the internal database for others
• Process requests using a combination of these methods; for example, store an accounting request to a local file and proxy it to a remote RADIUS server
• Split authentication and authorization by selecting one method for authentication and another for authorization (One-Time Password [OTP] server and Oracle database)
• Decide which method to use based on attributes in the request or on Cisco Access Registrar’s “environment variables”, such as source or destination IP address or UDP port
• Easy method selection based on DNS domain, username prefix, dialed number, calling number, or network access server (NAS), using the Cisco Access Registrar Policy Engine
Session/Identity Tracking and Caching
• Built-in feature to track user sessions and allocate resources
• Enforcement of session limits per user and per group
• Allocation of addresses from IP pools
• Allocation of home agents and on-demand address pools
• Real-time query of the session table using the command-line interface (CLI) or XML over UDP
• Add custom information to the session table
• Configure which attributes to store in the session table
• Manual release of sessions and resources
• Query and release sessions based on session age, username, NAS, and other criteria
• Release sessions and generate Packet of Disconnect (PoD)