1. Install System Certificate from "System Administration / Configuration / Local Server Certificates / Local Certificates"; Each ACS system has a self-signed certificate which is used for HTTPS and EAP tunnel encryption.
2. Add ACS Administrator from "System Administration / Administrator / Accounts"
3. Configure logging from "System Administration / Configuration / Log Configuration / Logging Categories / Global"
– Customize Logging info
– Syslog destination
– Local log data retention
– Customize ACS centralized log collection
4. Define Network Devices from "Network Resources / Network Devices and AAA Clients"
– Check either TACACS or RADIUS. If TACACS, put share-key.
– Network devices group location
– Network devices type
5. Add Users from "Users and Identity Stores / Internal Identitiy Stores / Users"
– For the Cisco devices, put "enable password" as well.
6. Create Authorization rule from
< Access Control Policy >
1. Define Policy Elements from "Policy Elements"
– Time & Date Condition
– Custom condition
– Network Access Authorization Profiles
– Devices Shell Profiles
– Device Commend sets
2. Create New Access Services from "Access Policies"
– Access Services
– Serivce Selection Policy
3. Create Policy Rule from "
– Identity Policy
– Authorization Policy