-
GUI Administrator Guide for Cisco Unified Messaging Gateway (Cisco UMG) Release 8.0
-
Introduction
-
Limitations
-
Overview of Tasks
-
Logging In to the System
-
Adding System Settings
-
Supporting High Availability
-
Add a Central Voicemail Server Wizard
-
Add a Central Call Agent Wizard
-
Add an SRSV-CUE Device Wizard
-
Registering an SRSV-CUE Device
-
Configuring Users
-
Setting Default Values for the System
-
Configuring Groups
-
Configuring Privileges
-
Configuring Authorization, Authentication, and Accounting
-
Changing a Central Voicemail Server
-
Changing Central Voicemail Servers
-
Removing a Central Voicemail Server
-
Changing a Central Call Agent
-
Changing Central Call Agents
-
Removing a Central Call Agent
-
Viewing SRST References
-
Viewing SRSV-CUE Devices
-
Changing an SRSV-CUE Device
-
Removing an SRSV-CUE Device
-
Importing SRST Sites
-
Provisioning an SRSV-CUE Device
-
Changing the Information for SRST Sites
-
Changing the Information for One SRST Site
-
Changing the Information for Multiple SRST Sites
-
Using Site Templates
-
Creating Site Templates
-
Configuring Unassigned Branch Voicemail Servers
-
Changing System Settings
-
Configuring the DNS Server
-
Configuring the NTP Server
-
Configuring the Banner
-
Viewing Reports
-
Monitoring the Provisioning Process
-
Monitoring the Voicemail Upload
-
Troubleshooting
-
Configuring the Backup and Restore Functionality
-
Configuring the Control Panel
-
Configuring Licenses
-
Glossary
-
Feedback
Table Of Contents
Configuring Authentication, Authorization, and Accounting
Configuring the AAA Authentication Server
About the Authentication Order
Example of Authentication Sequence
Configuring Connection Parameters for the AAA Authentication Server
Specifying the Policy that Controls the Behavior of Authentication and Authorization
Configuring the AAA Accounting Server
About Event Logging for AAA Accounting
Configuring the AAA Accounting Server and Event Logging
Configuring Authentication, Authorization, and Accounting
•
Configuring the AAA Authentication Server
•
•
Configuring the AAA Authentication Server
•
•
•
•
About the Authentication Order
The AAA policy specifies the failover functionality that you can optionally configure for the authentication server. You can use these two types of failover functionality separately or in combination:
•
•
About Authentication Failover
The authentication failover feature enables you to optionally use a remote RADIUS server for user login authentication, in addition to the local database. You can configure authentication to use:
•
•
•
•
When using both local and remote authentication, you can also configure whether you want the user attributes that are retrieved from a remote RADIUS AAA server to be merged with the attributes found in the local user database for the same username.
Note
•
•
•
About Unreachable Failover
The Unreachable Failover feature is used only with RADIUS servers. This feature enables you to configure up to two addresses that can be used to access RADIUS servers.
As the Cisco Unified SRSV system attempts to authenticate a user with the RADIUS servers, the system sends messages to users to notify them when a RADIUS server either cannot be reached or fails to authenticate the user.
Example of Authentication Sequence
In this example, authentication is performed by the remote server first, then by the local database. Also, two addresses are configured for the remote RADIUS server.
This sequence of events could occur during authentication for this example:
1.
2.
3.
4.
Configuring Connection Parameters for the AAA Authentication Server
Procedure
Step 1
Step 2
The system displays the Configure AAA Authentication page.
Step 3
•
•
•
•
•
•
Step 4
Step 5
Specifying the Policy that Controls the Behavior of Authentication and Authorization
Procedure
Step 1
Step 2
The system displays the Configure AAA Authorization page.
Step 3
Step 4
Step 5
Configuring the AAA Accounting Server
•
•
Overview of AAA Accounting
You can configure up to two AAA accounting servers. Automatic failover functionality is provided if you have two accounting servers configured. If the first server is unreachable, the accounting information is sent the second server. If both accounting servers are unreachable, accounting records are cached until a server becomes available. If a server cannot be reached before the cache is full, the oldest accounting packets are dropped to make room for the new packets.
Because the configuration of the AAA accounting server is completely independent of the AAA authentication server, you can configure the AAA accounting server to be on the same or different machine from the AAA authentication server.
If you use a syslog server, it is not affected by the AAA configuration and continues to use the existing user interfaces. When the RADIUS server sends AAA accounting information to a syslog server, it is normalized into a single string before being recorded. If no syslog server is defined, the AAA accounting logs are recorded by the syslog server running locally on Cisco Unity Express.
Note
About Event Logging for AAA Accounting
AAA accounting logs contain information that enable you to easily:
•
•
•
•
You can configure AAA accounting to log the following types of events:
In addition to information specific to the type of action performed, the accounting logs also indicate:
•
•
•
Note
Configuring the AAA Accounting Server and Event Logging
Use this procedure to configure the information used to log into the accounting server.
Procedure
Step 1
Step 2
The system displays the Configure AAA Accounting page.
Step 3
•
•
•
•
•
•
Step 4
Step 5
Step 6
