EasyManuals Logo

Cisco 5510 - ASA SSL / IPsec VPN Edition Configuration Guide

Cisco 5510 - ASA SSL / IPsec VPN Edition
1822 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #714 background imageLoading...
Page #714 background image
33-16
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 33 Configuring AAA Rules for Network Access
Using MAC Addresses to Exempt Traffic from Authentication and Authorization
Step 3 From the Interface drop-down list, choose the interface for applying the rule.
Step 4 In the Action field, click one of the following, depending on the implementation:
Account
Do not Account.
Step 5 From the AAA Server Group drop-down list, choose a server group. To add a AAA server to the server
group, click Add Server. See the “Configuring AAA Server Groups” section on page 31-8 for more
information.
Step 6 In the Source field, add the source IP address, or click the ellipsis (...) to choose an IP address already
defined in ASDM.
Step 7 In the Destination field, enter the destination IP address, or click the ellipsis (...) to choose an IP address
already defined in ASDM.
Step 8 In the Service field, enter an IP service name or number for the destination service, or click ellipsis (...)
button to choose a service.
Step 9 (Optional) In the Description field, add a description.
Step 10 (Optional) Click More Options to do any of the following:
To specify a source service for TCP or UDP, enter a TCP or UDP service in the Source Service field.
The destination service and source service must be the same. Copy and paste the destination Service
field to the Source Service field.
To make the rule inactive, uncheck Enable Rule.
You may not want to remove a rule, but instead turn it off.
To set a time range for the rule, from the Time Range drop-down list, choose an existing time range.
To add a new time range, click the ellipsis (...). For more information, see the “Configuring Time
Ranges” section on page 13-15.
Step 11 Click OK.
The dialog box closes and the rule appears in the AAA Rules table.
Step 12 Click Apply.
The changes are saved to the running configuration.
Using MAC Addresses to Exempt Traffic from Authentication
and Authorization
The adaptive security appliance can exempt from authentication and authorization any traffic from
specific MAC addresses.
For example, if the adaptive security appliance authenticates TCP traffic originating on a particular
network but you want to allow unauthenticated TCP connections from a specific server, you would use
a MAC exempt rule to exempt from authentication and authorization any traffic from the server specified
by the rule. This feature is particularly useful to exempt devices such as IP phones that cannot respond
to authentication prompts.

Table of Contents

Other manuals for Cisco 5510 - ASA SSL / IPsec VPN Edition

Preview: Cli Configuration Guide
Cli Configuration Guide2164 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages
Preview: Getting Started Guide
Getting Started Guide208 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 5510 - ASA SSL / IPsec VPN Edition and is the answer not in the manual?

Cisco 5510 - ASA SSL / IPsec VPN Edition Specifications

General IconGeneral
BrandCisco
Model5510 - ASA SSL / IPsec VPN Edition
CategoryFirewall
LanguageEnglish

Related product manuals