Access policy options – Cisco 3.3 User Manual
Page 478
Chapter 12 Administrators and Administrative Policy
Access Policy
12-12
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Access Policy Options
You can configure the following options on the Access Policy Setup page:
•
IP Address Filtering—Contains the following IP address filtering options:
–
Allow all IP addresses to connect—Allow access to the HTML
interface from any IP address.
–
Allow only listed IP addresses to connect—Allow access to the HTML
interface only from IP addresses inside the address range(s) specified in
the IP Address Ranges table.
–
Reject connections from listed IP addresses—Allow access to the
HTML interface only from IP addresses outside the address range(s)
specified in the IP Address Ranges table.
•
IP Address Ranges—The IP Address Ranges table contains ten rows for
configuring IP address ranges. The ranges are always inclusive; that is, the
range includes the start and end IP addresses. The IP addresses entered to
define a range must differ only in the last octet (Class C format).
The IP Address Ranges table contains one column of each of the following
boxes:
–
Start IP Address—Defines the lowest IP address of the range specified
in the current row.
–
End IP Address—Defines the highest IP address of the range specified
in the current row.
•
HTTP Port Allocation—Contains the following options for configuring
TCP ports used for remote access to the HTML interface.
–
Allow any TCP ports to be used for Administration HTTP
Access—Allow the ports used by administrative HTTP sessions to
include the full range of TCP ports.
–
Restrict Administration Sessions to the following port range From
Port X to Port Y—Restrict the ports used by administrative HTTP
sessions to the range specified in the X and Y boxes, inclusive. The size
of the range specified determines the maximum number of concurrent
administrative sessions.