Cisco Systems OL-24201-01 Camera Accessories User Manual


 
9-31
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9 Managing Policy Elements
Managing Authorizations and Permissions
Related Topics
Creating, Duplicating, and Editing Authorization Profiles for Network Access, page 9-18
Creating, Duplicating, and Editing a Shell Profile for Device Administration, page 9-23
Deleting an Authorizations and Permissions Policy Element, page 9-32
Creating, Duplicating, and Editing a Shell Profile for Device Administration, page 9-23
Creating, Duplicating, and Editing Downloadable ACLs
You can define downloadable ACLs for the Access-Accept message to return. Use ACLs to prevent
unwanted traffic from entering the network. ACLs can filter source and destination IP addresses,
transport protocols, and more by using the RADIUS protocol.
After you create downloadable ACLs as named permission objects, you can add them to authorization
profiles, which you can then specify as the result of an authorization policy.
You can duplicate a downloadable ACL if you want to create a new downloadable ACL that is the same,
or similar to, an existing downloadable ACL.
After duplication is complete, you access each downloadable ACL (original and duplicated) separately
to edit or delete them.
To create, duplicate or edit a downloadable ACL:
Step 1 Select Policy Elements > Authorization and Permissions > Named Permission Objects >
Downloadable ACLs.
The Downloadable ACLs page appears.
Step 2 Do one of the following:
Click Create.
The Downloadable ACL Properties page appears.
Check the check box next to the downloadable ACL that you want to duplicate and click Duplicate.
The Downloadable ACL Properties page appears.
Click the name that you want to modify; or, check the check box next to the name that you want to
modify and click Edit.
The Downloadable ACL Properties page appears.
Click File Operations to perform any of the following functions:
Add—Choose this option to add ACLs from the import file to ACS.
Update—Choose this option to replace the list of ACLs in ACS with the list of ACLs in the
import file.
Delete—Choose this option to delete the ACLs listed in the import file from ACS.
See Performing Bulk Operations for Network Resources and Users, page 7-8 for a detailed
description of the bulk operations.
Click Export to export the DACLs from ACS to your local hard disk.
A dialog box appears, prompting you to enter an encryption password to securely export the DACLs:
Check the Password check box and enter the password to encrypt the file during the export
process, then click Start Export.