Cisco 3.3 User Manual
Page 481
12-15
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Chapter 12 Administrators and Administrative Policy
Access Policy
b.
For each IP address range from outside which you want to allow remote
access to the HTML interface, complete one row of the IP Address Ranges
table. Type the lowest IP address (up to 16 characters) in the range in the Start
IP Address box. Type the highest IP address (up to 16 characters) in the range
in the End IP Address box.
Note
The IP addresses entered to define a range must differ only in the last
octet.
Step 6
If you want to allow Cisco Secure ACS to use any valid TCP port for
administrative sessions, under HTTP Port Allocation, select the Allow any TCP
ports to be used for Administration HTTP Access option.
Step 7
If you want to allow Cisco Secure ACS to use only a specified range of TCP ports
for administrative sessions, follow these steps:
a.
Under HTTP Port Allocation, select the Restrict Administration Sessions to
the following port range From Port X to Port Y option.
b.
In the X box type the lowest TCP port (up to 5 characters) in the range.
c.
In the Y box type the highest TCP port (up to 5 characters) in the range.
Step 8
If you want to enable SSL encryption of administrator access to the HTML
interface, under Secure Socket Layer Setup, select the Use HTTPS Transport for
Administration Access check box.
Note
To enable SSL, you must have completed the steps in
Cisco Secure ACS Server Certificate, page 10-35
, and
Certificate Authority Certificate, page 10-37
.
Step 9
Click Submit.
Cisco Secure ACS saves and begins enforcing the access policy settings.
If you have enabled SSL, at the next administrator login, Cisco Secure ACS
begins using HTTPS. Any current administrator sessions are unaffected.