Home > Cisco > Control System > Cisco Acs 57 User Guide

Cisco Acs 57 User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Acs 57 User Guide. The Cisco manuals for Control System are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 231

    Page 231 7 Managing Policy Elements Managing Policy Conditions —In a TACACS request, ACS obtains this identifier from the remote address field of the start request (of every phase). It takes the remote address value before the slash (/) separator, if it is present; otherwise, it takes the entire remote address value. The end st ati on IP add ress i s eit her an IPv4 or IPv6 of the end station identifier. The end station MAC is a normalized MAC address of the end station identifier. Device Filter—Filters a... 
    7   
Managing Policy Elements
Managing Policy Conditions
—In a TACACS request, ACS obtains this identifier from the remote address field of the start request (of every 
phase). It takes the remote address value before the slash (/) separator, if it is present; otherwise, it takes the 
entire remote address value.
The end st ati on IP add ress i s eit her  an IPv4 or IPv6 of the end station identifier. The end station MAC is a normalized 
MAC address of the end station identifier.
Device Filter—Filters a...

    Page 232

    Page 232 8 Managing Policy Elements Managing Policy Conditions Importing Network Conditions You can use the bulk import function to import the contents from the following network conditions: End station filters Device filters Device port filters For bulk import, you must download the .csv file template from ACS, add the records that you want to import to the .csv file, and save it to your hard drive. Use the Download Template function to ensure that your .csv file adheres to the requirements. The .csv... 
    8
Managing Policy Elements
 
Managing Policy Conditions
Importing Network Conditions
You can use the bulk import function to import the contents from the following network conditions:
End station filters
Device filters
Device port filters
For bulk import, you must download the .csv file template from ACS, add the records that you want to import to the .csv 
file, and save it to your hard drive. Use the Download Template function to ensure that your .csv file adheres to the 
requirements. 
The .csv...

    Page 233

    Page 233 9 Managing Policy Elements Managing Policy Conditions Device Port Filters From the create, edit, or duplicate page of any of the filters, click Export to File to save the filter configuration as a .csv file on your local hard drive. Creating, Duplicating, and Editing End Station Filters Use the End Station Filters page to create, duplicate, and edit end station filters. To do this: 1.Choose Policy Elements > Session Conditions > Network Conditions > End Station Filters. The End Station Filters page... 
    9   
Managing Policy Elements
Managing Policy Conditions
Device Port Filters
From the create, edit, or duplicate page of any of the filters, click Export to File to save the filter configuration as a .csv 
file on your local hard drive.
Creating, Duplicating, and Editing End Station Filters
Use the End Station Filters page to create, duplicate, and edit end station filters. To do this:
1.Choose Policy Elements > Session Conditions > Network Conditions > End Station Filters.
The End Station Filters page...

    Page 234

    Page 234 10 Managing Policy Elements Managing Policy Conditions Check the check box the IP-based end station filter that you want to duplicate, then click Duplicate. Check the check box the IP-based end station filter that you want to edit, then click Edit. A dialog box appears. 2.Choose either of the following: Single IP Address—If you choose this option, you must enter a valid address, as follows: —IPv4 address in the format x.x.x.x, where x can be any number from 0 to 255. —IPv6 address in the format... 
    10
Managing Policy Elements
 
Managing Policy Conditions
Check the check box the IP-based end station filter that you want to duplicate, then click Duplicate.
Check the check box the IP-based end station filter that you want to edit, then click Edit.
A dialog box appears.
2.Choose either of the following:
Single IP Address—If you choose this option, you must enter a valid address, as follows:
—IPv4 address in the format x.x.x.x, where x can be any number from 0 to 255.
—IPv6 address in the format...

    Page 235

    Page 235 11 Managing Policy Elements Managing Policy Conditions 4.Click OK. Related Topics Managing Network Conditions, page 6 Creating, Duplicating, and Editing End Station Filters, page 9 Defining IP Address-Based End Station Filters, page 9 Defining CLI or DNIS-Based End Station Filters, page 11 Defining CLI or DNIS-Based End Station Filters You can create, duplicate, and edit the CLI and DNIS number of the end stations or destinations that you want to permit or deny access to. To do this: 1.From the... 
    11   
Managing Policy Elements
Managing Policy Conditions
4.Click OK.
Related Topics
Managing Network Conditions, page 6
Creating, Duplicating, and Editing End Station Filters, page 9
Defining IP Address-Based End Station Filters, page 9
Defining CLI or DNIS-Based End Station Filters, page 11
Defining CLI or DNIS-Based End Station Filters
You can create, duplicate, and edit the CLI and DNIS number of the end stations or destinations that you want to permit 
or deny access to. To do this:
1.From the...

    Page 236

    Page 236 12 Managing Policy Elements Managing Policy Conditions Check the check box the device filter that you want to duplicate, then click Duplicate. Check the check box the device filter that you want to edit, then click Edit. Click Export to save a list of device filters in a .csv file. For more information, see Exporting Network Conditions, page 8. Click Replace from File to perform a bulk import of device filters from a .csv import file. For more information, see Importing Network Conditions, page... 
    12
Managing Policy Elements
 
Managing Policy Conditions
Check the check box the device filter that you want to duplicate, then click Duplicate.
Check the check box the device filter that you want to edit, then click Edit.
Click Export to save a list of device filters in a .csv file. For more information, see Exporting Network Conditions, 
page 8.
Click Replace from File to perform a bulk import of device filters from a .csv import file. For more information, see 
Importing Network Conditions, page...

    Page 237

    Page 237 13 Managing Policy Elements Managing Policy Conditions IP Range(s)—If you choose this option, you must enter a valid IPv4 or IPv6 address and subnet mask to filter a range of IP addresses. By default, the subnet mask value for IPv4 is 32, and the IPv6 value is 128. Note: IPv6 ranges are not supported in ACS 5.7. 3.Click OK. Related Topics Managing Network Conditions, page 6 Creating, Duplicating, and Editing Device Filters, page 11 Defining Name-Based Device Filters, page 13 Defining NDG-Based... 
    13   
Managing Policy Elements
Managing Policy Conditions
IP Range(s)—If you choose this option, you must enter a valid IPv4 or IPv6 address and subnet mask to filter a range 
of IP addresses. By default, the subnet mask value for IPv4 is 32, and the IPv6 value is 128.
Note: IPv6 ranges are not supported in ACS 5.7. 
3.Click OK.
Related Topics
Managing Network Conditions, page 6
Creating, Duplicating, and Editing Device Filters, page 11
Defining Name-Based Device Filters, page 13
Defining NDG-Based...

    Page 238

    Page 238 14 Managing Policy Elements Managing Policy Conditions 3.Click Select to choose the network device group value that you want to filter. 4.Click OK. Related Topics Managing Network Conditions, page 6 Creating, Duplicating, and Editing Device Filters, page 11 Defining IP Address-Based Device Filters, page 12 Defining Name-Based Device Filters, page 13 Creating, Duplicating, and Editing Device Port Filters Use the Device Port Filters page to create, duplicate, and edit device port filters. To do... 
    14
Managing Policy Elements
 
Managing Policy Conditions
3.Click Select to choose the network device group value that you want to filter.
4.Click OK.
Related Topics
Managing Network Conditions, page 6
Creating, Duplicating, and Editing Device Filters, page 11
Defining IP Address-Based Device Filters, page 12
Defining Name-Based Device Filters, page 13
Creating, Duplicating, and Editing Device Port Filters
Use the Device Port Filters page to create, duplicate, and edit device port filters. To do...

    Page 239

    Page 239 15 Managing Policy Elements Managing Policy Conditions Creating, Duplicating, and Editing Device Filters, page 11 Defining IP Address-Based Device Port Filters You can create, duplicate, and edit the IP addresses of the network device ports that you want to permit or deny access to. To do this: 1.From the IP Address tab, do one of the following: Click Create. Check the check box the IP-based device port filter that you want to duplicate, then click Duplicate. Check the check box the IP-based... 
    15   
Managing Policy Elements
Managing Policy Conditions
Creating, Duplicating, and Editing Device Filters, page 11
Defining IP Address-Based Device Port Filters
You can create, duplicate, and edit the IP addresses of the network device ports that you want to permit or deny access 
to. To do this:
1.From the IP Address tab, do one of the following:
Click Create.
Check the check box the IP-based device port filter that you want to duplicate, then click Duplicate.
Check the check box the IP-based...

    Page 240

    Page 240 16 Managing Policy Elements Managing Authorizations and Permissions Check the check box the name-based device port filter that you want to duplicate, then click Duplicate. Check the check box the name-based device port filter that you want to edit, then click Edit. A dialog box appears. 2.Click Select to choose the network device that you want to filter. 3.Check the Port check box and enter the port number. 4.Click OK. Related Topics Managing Network Conditions, page 6 Creating, Duplicating, and... 
    16
Managing Policy Elements
 
Managing Authorizations and Permissions
Check the check box the name-based device port filter that you want to duplicate, then click Duplicate.
Check the check box the name-based device port filter that you want to edit, then click Edit.
A dialog box appears.
2.Click Select to choose the network device that you want to filter.
3.Check the Port check box and enter the port number.
4.Click OK.
Related Topics
Managing Network Conditions, page 6
Creating, Duplicating, and...
    Start reading Cisco Acs 57 User Guide

    Related Manuals for Cisco Acs 57 User Guide

    All Cisco manuals