Chapter5 Settin g Up and Managing Shared Profile Components
Downloadable PIX ACLs
5-4
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Note The name of a PIX ACL may contain up to 32 characters. The name
may contain spaces; but it may not contain leading, trailing, or
multiple spaces, or the following characters: - [ ] / —
Step 5 In the Description: box, type a description of the new PIX ACL.
Step 6 In the ACL Defi nit i ons box, type the new PIX ACL definitions.
Note In entering the ACL definitions in the ACS HTML interface, you do
not use keyword and name entries; rather, you begin with a
permit/deny keyword. For an example of the proper format of the ACL
definitions, see the “About Downloadable PIX ACLs” section on
page 5-2.
Step 7 When you have completed specifying the PIX ACL, click Submit.
Result: Cisco Secure ACS enters the new PIX ACL, which takes effect
immediately. That is, it is available to be sent to any PIXFirewall that is
attempting authentication of a user who has that ACL name as part of his or her
user or group profile. For information on assigning a user or a group to a PIX
ACL, see the “Assigning a PIX ACL to a User” section on page 7-22 or the
“Assigning a Downloadable PIX ACL to a Group” section on page6-27,
respectively.
Editing a Downloadable PIX ACLTo edit a downloadable PIX ACL, follow these steps:
Step 1 In the navigation bar, click Shared Profile Components.
Result: The Shared Profile Components page appears.
Step 2 Click Downloadable PIX ACLs.
Result: The Downloadable PIX ACLs table appears.