Access policy options – Cisco 3.3 User Manual

Chapter 12 Administrators and Administrative Policy

Access Policy

12-12

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Access Policy Options

You can configure the following options on the Access Policy Setup page:

•

IP Address Filtering—Contains the following IP address filtering options:

–

Allow all IP addresses to connect—Allow access to the HTML
interface from any IP address.

–

Allow only listed IP addresses to connect—Allow access to the HTML
interface only from IP addresses inside the address range(s) specified in
the IP Address Ranges table.

–

Reject connections from listed IP addresses—Allow access to the
HTML interface only from IP addresses outside the address range(s)
specified in the IP Address Ranges table.

•

IP Address Ranges—The IP Address Ranges table contains ten rows for
configuring IP address ranges. The ranges are always inclusive; that is, the
range includes the start and end IP addresses. The IP addresses entered to
define a range must differ only in the last octet (Class C format).

The IP Address Ranges table contains one column of each of the following
boxes:

–

Start IP Address—Defines the lowest IP address of the range specified
in the current row.

–

End IP Address—Defines the highest IP address of the range specified
in the current row.

•

HTTP Port Allocation—Contains the following options for configuring
TCP ports used for remote access to the HTML interface.

–

Allow any TCP ports to be used for Administration HTTP
Access—Allow the ports used by administrative HTTP sessions to
include the full range of TCP ports.

–

Restrict Administration Sessions to the following port range From
Port X to Port Y—Restrict the ports used by administrative HTTP
sessions to the range specified in the X and Y boxes, inclusive. The size
of the range specified determines the maximum number of concurrent
administrative sessions.