Cisco Systems OL-16647-01 Network Router User Manual


23-16
Cisco ASDM User Guide
OL-16647-01
Chapter 23 Applying AAA for Network Access
Using MAC Addresses to Exempt Traffic from Authentication and Authorization
Step 3 From the Interface drop-down list, choose the interface for applying the rule.
Step 4 In the Action field, click one of the following, depending on the implementation:
  • Account
  • Do not Account
Step 5 From the AAA Server Group drop-down list, choose a server group. To add a AAA server to the server
group, click Add Server. See the “Configuring AAA Server Groups” section on page 14-9 for more
information.
Step 6 In the Source field, add the source IP address, or click the ellipsis (...) to choose an IP address already
defined in ASDM.
Step 7 In the Destination field, enter the destination IP address, or click the ellipsis (...) to choose an IP address
already defined in ASDM.
Step 8 In the Service field, enter an IP service name or number for the destination service, or click the
ellipsis (...) button to choose a service.
Step 9 (Optional) In the Description field, add a description.
Step 10 (Optional) Click More Options to do any of the following:
  • To specify a source service for TCP or UDP, enter a TCP or UDP service in the Source Service field.
    The destination service and source service must be the same. Copy and paste the destination Service
    field to the Source Service field.
  • To make the rule inactive, uncheck Enable Rule.
    You may not want to remove a rule, but instead turn it off.
  • To set a time range for the rule, from the Time Range drop-down list, choose an existing time range.
    To add a new time range, click the ellipsis (...). For more information, see Configuring Time Ranges,
    page 19-15.
Step 11 Click OK.
The dialog box closes and the rule appears in the AAA Rules table.
Step 12 Click Apply.
The changes are saved to the running configuration.
Using MAC Addresses to Exempt Traffic from Authentication and Authorization
The security appliance can exempt from authentication and authorization any traffic from specific MAC
addresses.
For example, if the security appliance authenticates TCP traffic originating on a particular network but
you want to allow unauthenticated TCP connections from a specific server, you would use a MAC
exempt rule to exempt from authentication and authorization any traffic from the server specified by the
rule. This feature is particularly useful to exempt devices such as IP phones that cannot respond to
authentication prompts.
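
The following audit is an added example, not part of the Cisco guide. It assumes the exempt rules appear in the saved configuration as ASA CLI lines of the form mac-list <id> {permit|deny} <mac> <mask> and aaa mac-exempt match <id>; the sample configuration is constructed. It reports how many MAC addresses each permit entry exempts, because an exemption skips authentication and authorization for every address the mask covers.

```python
import re

# Constructed sample of ASA running-config lines (assumed CLI form, not from the page).
SAMPLE_CONFIG = """\
mac-list phones permit 0003.e300.0000 ffff.ff00.0000
mac-list phones deny 00a0.c95d.0282 ffff.ffff.ffff
mac-list servers permit 00a0.c95d.0282 ffff.ffff.ffff
mac-list legacy permit 0000.0000.0000 0000.0000.0000
aaa mac-exempt match phones
"""

MAC = r"([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})"
MAC_LIST = re.compile(rf"^mac-list\s+(\S+)\s+(permit|deny)\s+{MAC}\s+{MAC}$", re.I)
EXEMPT = re.compile(r"^aaa\s+mac-exempt\s+match\s+(\S+)$", re.I)


def audit_mac_exempt(config):
    """Return one finding per permit entry, with the number of MACs it exempts."""
    entries, applied = [], set()
    for raw in config.splitlines():
        line = raw.strip()
        m = MAC_LIST.match(line)
        if m:
            name, action, mac, mask = m.groups()
            entries.append((name, action.lower(), mac.lower(),
                            int(mask.replace(".", ""), 16)))
        elif (m := EXEMPT.match(line)):
            applied.add(m.group(1))
    findings = []
    for name, action, mac, mask in entries:
        if action != "permit":
            continue  # deny entries do not exempt anything
        # A 1 bit in the mask must match; every 0 bit is a wildcard.
        covered = 1 << (48 - bin(mask).count("1"))
        findings.append({
            "list": name,
            "mac": mac,
            "addresses": covered,
            "applied": name in applied,  # referenced by aaa mac-exempt match
            "broad": covered > 1,        # exempts more than a single device
        })
    return findings


if __name__ == "__main__":
    for f in audit_mac_exempt(SAMPLE_CONFIG):
        flag = "REVIEW" if f["applied"] and f["broad"] else "ok"
        print(f"{flag:6} {f['list']:8} {f['mac']} exempts {f['addresses']} address(es)")
```

Entries flagged REVIEW are both applied and wider than one device; a vendor-prefix mask such as the constructed phones entry exempts every address sharing that prefix.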