beautypg.com

Cisco 3.3 User Manual

Page 174

background image

Chapter 5 Shared Profile Components

Network Access Restrictions

5-20

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

To add a shared NAR, follow these steps:

Step 1

In the navigation bar, click Shared Profile Components.

The Shared Profile Components page appears.

Step 2

Click Network Access Restrictions.

Step 3

Click Add.

The Network Access Restriction page appears.

Step 4

In the Name box, type a name for the new shared NAR.

Note

The name can contain up to 31 characters. Leading and trailing spaces are
not allowed. Names cannot contain the following four characters:
[ ] , /

Step 5

In the Description box, type a description of the new shared NAR.

Step 6

If you want to permit or deny access based on IP addressing, follow these steps:

a.

Select the Define IP-based access descriptions check box.

b.

To specify whether you are listing addresses that are permitted or denied,
from the Table Defines list, select the applicable value.

c.

Select or type the applicable information in each of the following boxes:

AAA Client—Select All AAA clients, or the name of the NDG, or the
NAF, or the individual AAA client, to which access is permitted or
denied.

Port—Type the number of the port that you want to permit or deny access
to. You can use the wildcard asterisk (*) to permit or deny access to all
ports on the selected AAA client.

Src IP Address—Type the IP address to filter on when performing
access restrictions. You can use the wildcard asterisk (*) to specify all IP
addresses.