The goal of a dynamic ACL is to provide a means for some users on a network to have access through the router
without knowing exactly what devices they will be connecting from. This type of list requires the
end user to log in to the router from the device to set up a temporary access list to permit the traffic.
The following configuration creates a login name and password for authentication. The idle
timeout is set to 10 minutes.
RouterX(config)#username test password test
RouterX(config)#username test autocommand access-enable host timeout 10
The following configuration enables users to open a Telnet connection to the router that is to be
authenticated and blocks all other traffic:
RouterX(config)#access-list 101 permit tcp any host 10.1.1.1 eq telnet
RouterX(config)#interface Ethernet0/0
RouterX(config-if)#ip address 10.1.1.1 255.255.255.0
RouterX(config-if)#ip access-group 101 in
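The login and ACL commands above can be checked mechanically before the dynamic entry is added. The following Python sketch is an added example, not from the book: it flags an access-enable autocommand that lacks the host keyword or an idle timeout, a password equal to the username, and an inbound ACL that does not permit Telnet. The function name and the sample text (the commands above with prompts removed) are assumptions.

```python
import re

# Constructed sample: the commands from the text above, prompts removed.
SAMPLE_CONFIG = """\
username test password test
username test autocommand access-enable host timeout 10
access-list 101 permit tcp any host 10.1.1.1 eq telnet
interface Ethernet0/0
 ip address 10.1.1.1 255.255.255.0
 ip access-group 101 in
"""

def audit_lock_and_key(config: str) -> list[str]:
    """Return findings for the lock-and-key login and ACL lines in `config`."""
    findings = []
    passwords, autocommands, acl_entries, inbound_acls = {}, {}, {}, []
    for ln in (raw.strip() for raw in config.splitlines()):
        # Optional digit after "password" is the IOS encryption-type field.
        if m := re.match(r"username (\S+) password (?:\d )?(\S+)", ln):
            passwords[m[1]] = m[2]
        elif m := re.match(r"username (\S+) autocommand (access-enable.*)", ln):
            autocommands[m[1]] = m[2].split()
        elif m := re.match(r"access-list (\d+) (.*)", ln):
            acl_entries.setdefault(m[1], []).append(m[2])
        elif m := re.match(r"ip access-group (\d+) in", ln):
            inbound_acls.append(m[1])
    for user, words in autocommands.items():
        if "host" not in words:
            # Without "host" the temporary entry is not limited to the
            # device the user logged in from.
            findings.append(f"{user}: access-enable is missing 'host'")
        if "timeout" not in words:
            findings.append(f"{user}: access-enable has no idle timeout")
        if passwords.get(user) == user:
            findings.append(f"{user}: password is identical to the username")
    for acl in inbound_acls:
        # Users must be able to reach the router by Telnet to authenticate.
        if not any(re.match(r"permit tcp .* eq (telnet|23)$", e)
                   for e in acl_entries.get(acl, [])):
            findings.append(f"ACL {acl}: no entry permits Telnet for login")
    return findings

if __name__ == "__main__":
    for finding in audit_lock_and_key(SAMPLE_CONFIG):
        print(finding)
```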
216 Chapter 6: Managing Traffic with Access Control Lists
The following configuration creates the dynamic ACL that will be automatically applied to the
existing access-list 101.