|
This release note contains important information regarding CiscoSecure Global Roaming Server (CiscoSecure GRS). For complete documentation on this product, please refer to the CiscoSecure Global Roaming Server User Guide.
CiscoSecure GRS does not support multipacket authentication sessions. For example, a Telnet/shell login session through CiscoSecure GRS will not be authenticated because multiple TACACS+ authentication request/response packets must be exchanged between the network access server (NAS) and CiscoSecure GRS/access control server (ACS).
For an async dial-in interface on a NAS, you must use the command:
async mode dedicated
Do not use the command:
async mode interactive
Therefore, SLIP connections are not supported. This is enhancement request [CSCdj03118].
The current session count in the web status display is not reset after a NAS running RADIUS reloads; therefore, current MaxSessions are not counted properly. To reset the MaxSessions count after a RADIUS NAS has reloaded, restart CiscoSecure GRS. This is enhancement request [CSCdj51035].
CiscoSecure GRS does not currently support MaxSessions for the ISP NAS with Virtual Private Dialup Networking (VPDN). While CiscoSecure GRS keeps track of the number of VPDN sessions established, it cannot block those that exceed the MaxSessions parameter. This is enhancement request [CSCdj27705].
CiscoSecure GRS does not support running more than one copy at a time of the graphical user interface (GUI).
You cannot run the GUI and the command-line utilities at the same time.
In the CiscoSecure GRS GUI, the IP Pool table field for RADIUS mapped name accepts only numeric entries. This is enhancement request [CSCdj37331].
CiscoSecure GRS currently translates only those Cisco RADIUS attribute-value (A-V) pairs required for VPDN; it does not pass AV pairs for access control lists or IP pools. This is enhancement request [CSCdj49503].
If you are using CiscoSecure GRS with an Ascend NAS and a RADIUS ACS with pseudo-users (for example, for IP pool definition), the authentication requests sent out by the NAS are not directed in the standard manner. The NAS usually sends out requests in the format pools-[NAS_name]. Because the requests do not contain a domain, CiscoSecure GRS does not know where to send them. A workaround is to configure a domain in CiscoSecure GRS with the NAS name and use the hyphen (-) as a suffix delimiter. Do not configure stripping for this domain. The domain's ACS should be the ACS that contains the RADIUS pseudo-user entries. This is enhancement request [CSCdj43222].
Cisco Connection Online (CCO) is Cisco Systems' primary, real-time support channel. Maintenance customers and partners can self-register on CCO to obtain additional information and services.
Available 24 hours a day, 7 days a week, CCO provides a wealth of standard and value-added services to Cisco's customers and business partners. CCO services include product information, product documentation, software updates, release notes, technical tips, the Bug Navigator, configuration notes, brochures, descriptions of service offerings, and download access to public and authorized files.
CCO serves a wide variety of users through two interfaces that are updated and enhanced simultaneously: a character-based version and a multimedia version that resides on the World Wide Web (WWW). The character-based CCO supports Zmodem, Kermit, Xmodem, FTP, and Internet e-mail, and it is excellent for quick access to information over lower bandwidths. The WWW version of CCO provides richly formatted documents with photographs, figures, graphics, and video, as well as hyperlinks to related information.
You can access CCO in the following ways:
For a copy of CCO's Frequently Asked Questions (FAQ), contact cco-help@cisco.com. For additional information, contact cco-team@cisco.com.
Posted: Tue Feb 23 12:32:08 PST 1999
Copyright 1989-1999©Cisco Systems Inc.