Home > Cisco > Control System > Cisco Acs 5x User Guide

Cisco Acs 5x User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Acs 5x User Guide. The Cisco manuals for Control System are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 241

    Page 241 9-11 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 9 Managing Policy Elements Managing Policy Conditions Defining MAC Address-Based End Station Filters You can create, duplicate, and edit the MAC addresses of end stations or destinations that you want to permit or deny access to. To do this: Step 1From the MAC Address tab, do one of the following: Click Create. Check the check box next to the MAC address-based end station filter that you want to duplicate, then click... 
    9-11
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Policy Conditions
Defining MAC Address-Based End Station Filters
You can create, duplicate, and edit the MAC addresses of end stations or destinations that you want to 
permit or deny access to. To do this:
Step 1From the MAC Address tab, do one of the following:
Click Create.
Check the check box next to the MAC address-based end station filter that you want to duplicate, 
then click...

    Page 242

    Page 242 9-12 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 9 Managing Policy Elements Managing Policy Conditions Step 3Check the DNIS check box to enter the DNIS number of the destination machine. You can optionally set this field to ANY to refer to any DNIS number. NoteYou can use ? and * wildcard characters to refer to any single character or a series of one or more successive characters respectively. Step 4Click OK. Related Topics Managing Network Conditions, page 9-6... 
    9-12
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Policy Conditions
Step 3Check the DNIS check box to enter the DNIS number of the destination machine. 
You can optionally set this field to ANY to refer to any DNIS number.
NoteYou can use ? and * wildcard characters to refer to any single character or a series of one or more 
successive characters respectively.
Step 4Click OK.
Related Topics
Managing Network Conditions, page 9-6...

    Page 243

    Page 243 9-13 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 9 Managing Policy Elements Managing Policy Conditions Step 5Click Submit to save the changes. Related Topics Managing Network Conditions, page 9-6 Importing Network Conditions, page 9-8 Creating, Duplicating, and Editing End Station Filters, page 9-9 Creating, Duplicating, and Editing Device Port Filters, page 9-14 Defining IP Address-Based Device Filters You can create, duplicate, and edit the IP addresses of network... 
    9-13
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Policy Conditions
Step 5Click Submit to save the changes.
Related Topics
Managing Network Conditions, page 9-6
Importing Network Conditions, page 9-8
Creating, Duplicating, and Editing End Station Filters, page 9-9
Creating, Duplicating, and Editing Device Port Filters, page 9-14
Defining IP Address-Based Device Filters
You can create, duplicate, and edit the IP addresses of network...

    Page 244

    Page 244 9-14 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 9 Managing Policy Elements Managing Policy Conditions Check the check box next to the name-based device filter that you want to edit, then click Edit. A dialog box appears. Step 2Click Select to choose the network device that you want to filter. Step 3Click OK. Related Topics Managing Network Conditions, page 9-6 Creating, Duplicating, and Editing Device Filters, page 9-12 Defining IP Address-Based Device Filters, page... 
    9-14
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Policy Conditions
Check the check box next to the name-based device filter that you want to edit, then click Edit.
A dialog box appears.
Step 2Click Select to choose the network device that you want to filter.
Step 3Click OK.
Related Topics
Managing Network Conditions, page 9-6
Creating, Duplicating, and Editing Device Filters, page 9-12
Defining IP Address-Based Device Filters, page...

    Page 245

    Page 245 9-15 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 9 Managing Policy Elements Managing Policy Conditions Check the check box next to the device port filter that you want to edit, then click Edit. Click Export to save a list of device port filters in a .csv file. For more information, see Exporting Network Conditions, page 9-9. Click Replace from File to perform a bulk import of device port filters from a .csv import file. For more information, see Importing Network... 
    9-15
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Policy Conditions
Check the check box next to the device port filter that you want to edit, then click Edit.
Click Export to save a list of device port filters in a .csv file. For more information, see Exporting 
Network Conditions, page 9-9.
Click Replace from File to perform a bulk import of device port filters from a .csv import file. For 
more information, see Importing Network...

    Page 246

    Page 246 9-16 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 9 Managing Policy Elements Managing Policy Conditions Step 3Check the Port check box and enter the port number. This field is of type string and can contain numbers or characters. You can use the following wildcard characters: ?—match a single character *—match a set of characters For example, the string “p*1*” would match any word that starts with the letter “p” and contains the number 1, such as port1, port15, and... 
    9-16
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Policy Conditions
Step 3Check the Port check box and enter the port number. This field is of type string and can contain numbers 
or characters. You can use the following wildcard characters:
?—match a single character
*—match a set of characters
For example, the string “p*1*” would match any word that starts with the letter “p” and contains the 
number 1, such as port1, port15, and...

    Page 247

    Page 247 9-17 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 9 Managing Policy Elements Managing Authorizations and Permissions Defining NDG-Based Device Port Filters You can create, duplicate, and edit the network device group type and the port to which you want to permit or deny access. To do this: Step 1From the Network Device Group tab, do one of the following: Click Create. Check the check box next to the NDG-based device port filter that you want to duplicate, then click... 
    9-17
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Authorizations and Permissions
Defining NDG-Based Device Port Filters
You can create, duplicate, and edit the network device group type and the port to which you want to 
permit or deny access. To do this:
Step 1From the Network Device Group tab, do one of the following:
Click Create.
Check the check box next to the NDG-based device port filter that you want to duplicate, then click...

    Page 248

    Page 248 9-18 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 9 Managing Policy Elements Managing Authorizations and Permissions Creating, Duplicating, and Editing Authorization Profiles for Network Access You create authorization profiles to define how different types of users are authorized to access the network. For example, you can define that a user attempting to access the network over a VPN connection is treated more strictly than a user attempting to access the network... 
    9-18
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Authorizations and Permissions
Creating, Duplicating, and Editing Authorization Profiles for Network Access
You create authorization profiles to define how different types of users are authorized to access the 
network. For example, you can define that a user attempting to access the network over a VPN 
connection is treated more strictly than a user attempting to access the network...

    Page 249

    Page 249 9-19 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 9 Managing Policy Elements Managing Authorizations and Permissions Specifying Authorization Profiles Use this tab to configure the name and description for a network access authorization profile. Step 1Select Policy Elements > Authorization and Permissions > Network Access > Authorization Profiles, then click: Create to create a new network access authorization definition. Duplicate to duplicate a network access... 
    9-19
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Authorizations and Permissions
Specifying Authorization Profiles
Use this tab to configure the name and description for a network access authorization profile.
Step 1Select Policy Elements > Authorization and Permissions > Network Access > Authorization 
Profiles, then click:
Create to create a new network access authorization definition.
Duplicate to duplicate a network access...

    Page 250

    Page 250 9-20 User Guide for Cisco Secure Access Control System 5.3 OL-24201-01 Chapter 9 Managing Policy Elements Managing Authorizations and Permissions Table 9-5 Authorization Profile: Common Tasks Page Option Description ACLS Downloadable ACL Name Includes a defined downloadable ACL. See Creating, Duplicating, and Editing Downloadable ACLs, page 9-31 for information about defining a downloadable ACL. Filter-ID ACL Includes an ACL Filter ID. Proxy ACL Includes a proxy ACL. Voice VLAN Permission to Join... 
    9-20
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Authorizations and Permissions
Table 9-5 Authorization Profile: Common Tasks Page
Option Description
ACLS
Downloadable ACL Name Includes a defined downloadable ACL. See Creating, Duplicating, and Editing 
Downloadable ACLs, page 9-31 for information about defining a downloadable ACL.
Filter-ID ACL Includes an ACL Filter ID.
Proxy ACL Includes a proxy ACL.
Voice VLAN
Permission to Join...
    Start reading Cisco Acs 5x User Guide

    Related Manuals for Cisco Acs 5x User Guide

    All Cisco manuals