Filter
Top Products
9-57
Configuration Guide for Cisco Secure ACS 4.2
OL-14390-02
Chapter 9 NAC Configuration Scenario
Step 8: Set Up Templates to Create NAPs
Figure 9-41 Profile Setup Page for NAC Layer 2 802.1x Template
The default settings for the profile are:
• Any appears in the Network Access Filter field, which means that this profile has no IP filter.
You can choose NAFs from the drop-down list, so that only specific host IPs match this profile.
• Allow any Protocol type appears in the Protocol types list, which means that no protocol type filter
exists for this profile.
• You can select the Allow Selected Protocol types option to specify a protocol type for filtering.
• Two rules are configured in Advanced Filtering:
[026/009/001]Cisco-av-pair = aaa:service=ip admission
[006]Service-Type != 10
These rules specify that the associated profile policies authenticate and authorize each RADIUS
request that matches the attribute’s rules. You can change the advanced filter, and add, remove, or
edit any RADIUS attribute that the RADIUS client sends.