Filter
Top Products
16-13
User Guide for Cisco Secure Access Control System 5.4
OL-26225-01
Chapter 16 Managing System Administrators
Configuring Administrator Access Settings
Step 1 Choose System Administration > Administrators > Settings > Session.
The GUI Session page appears.
Step 2 Enter the Session Idle Timeout value in minutes. Valid values are 5 to 90 minutes.
Step 3 Click Submit.
Note The CLI client interface has a default session timeout value of 6 hours. You cannot configure the session
timeout period in the CLI client interface.
Configuring Administrator Access Settings
ACS 5.4 allows you to restrict administrative access to ACS based on the IP address of the remote client.
You can filter IP addresses in any one of the following ways:
• Allow All IP Addresses to Connect, page 16-13
• Allow Remote Administration from a Select List of IP Addresses, page 16-13
• Reject Remote Administration from a Select List of IP Addresses, page 16-13
Allow All IP Addresses to Connect
You can choose the Allow all IP addresses to connect option to allow all connections; this is the default
option.
Allow Remote Administration from a Select List of IP Addresses
To allow administrators to access ACS remotely:
Step 1 Choose System Administration > Administrators > Settings > Access.
The IP Addresses Filtering page appears.
Step 2 Click Allow only listed IP addresses to connect radio button.
The IP Range(s) area appears.
Step 3 Click Create in the IP Range(s) area.
A new window appears. Enter the IPv4 or IPv6 address of the machine from which you want to allow
remote access to ACS. Enter a subnet mask for an entire IP address range. ACS checks if the address that
is entered is in a format that is supported by IPv4 or IPv6.
Step 4 Click OK.
The IP Range(s) area is populated with the IP addresses. Repeat Step 3 to add other IP addresses or
ranges for which you want to provide remote access.
Step 5 Click Submit.
Reject Remote Administration from a Select List of IP Addresses
To reject administrators from accessing ACS remotely: