Access Policy
Access Policy Options
User Guide for Cisco Secure ACS for Windows Server
10-12
You can configure the following options on the Access Policy Setup page:
IP Address Filtering—Contains the following IP address filtering options:
•
Allow all IP addresses to connect—Allow access to the HTML
–
interface from any IP address.
Allow only listed IP addresses to connect—Allow access to the HTML
–
interface only from IP addresses inside the address range(s) specified in
the IP Address Ranges table.
–
Reject connections from listed IP addresses—Allow access to the
HTML interface only from IP addresses outside the address range(s)
specified in the IP Address Ranges table.
IP Address Ranges—The IP Address Ranges table contains ten rows for
•
configuring IP address ranges. The ranges are always inclusive; that is, the
range includes the start and end IP addresses. The IP addresses entered to
define a range must differ only in the last octet (Class C format).
The IP Address Ranges table contains one column of each of the following
boxes:
Start IP Address—Defines the lowest IP address of the range specified
–
in the current row.
End IP Address—Defines the highest IP address of the range specified
–
in the current row.
HTTP Port Allocation—Contains the following options for configuring
•
TCP ports used for remote access to the HTML interface.
Allow any TCP ports to be used for Administration HTTP
–
Access—Allow the ports used by administrative HTTP sessions to
include the full range of TCP ports.
–
Restrict Administration Sessions to the following port range From
Port X to Port Y—Restrict the ports used by administrative HTTP
sessions to the range specified in the X and Y boxes, inclusive. The size
of the range specified determines the maximum number of concurrent
administrative sessions.
Chapter 10
Setting Up and Managing Administrators and Policy
78-14696-01, Version 3.1