Chapter 12 Administrators and Administrative Policy
Access Policy
12-14
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Setting Up Access Policy
For information about access policy options, see Access Policy Options,
page 12-12.
Before You Begin
If you want to enable SSL for administrative access, before completing this
procedure, you must have completed the steps in Installing a Cisco Secure ACS
Server Certificate, page 10-35, and Adding a Certificate Authority Certificate,
page 10-37.
To set up Cisco Secure ACS Access Policy, follow these steps:
Step 1 In the navigation bar, click Administration Control.
Cisco Secure ACS displays the Administration Control page.
Step 2 Click Access Policy.
The Access Policy Setup page appears.
Step 3 To allow remote access to the HTML interface from any IP address, in the IP
Address Filtering table, select the Allow all IP addresses to connect option.
Step 4 To allow remote access to the HTML interface only from IP addresses within a
range or ranges of IP addresses, follow these steps:
a. In the IP Address Filtering table, select the Allow only listed IP addresses
to connect option.
b. For each IP address range from within which you want to allow remote access
to the HTML interface, complete one row of the IP Address Ranges table. In
the Start IP Address box, type the lowest IP address (up to 16 characters) in
the range. In the End IP Address box, type the highest IP address (up to 16
characters) in the range. Use dotted decimal format.
Note The IP addresses entered to define a range must differ only in the last
octet.
Step 5 To allow remote access to the HTML interface only from IP addresses outside a
range or ranges of IP addresses, follow these steps:
a. In the IP Address Filtering table, select the Reject connections from listed
IP addresses option.