Cisco Cisco Clean Access 3.5
3-11
Cisco Clean Access Manager Installation and Administration Guide
OL-7044-01
Chapter 3 Device Management: Adding Clean Access Servers, Adding Filters
Global Device and Subnet Filtering
Create Global Device Filter
A device filter list set up as described in the following steps will apply across all Clean Access Servers
in the Clean Access Manager domain.
in the Clean Access Manager domain.
1.
Click the Filters link in the Device Management group.
2.
Click the New link under the Devices tab.
3.
In the New Device Filter form, enter the MAC address of the device(s) for which you want to create
a policy in the text field. Optionally, also enter an IP address of the device and a description, in the
form:
a policy in the text field. Optionally, also enter an IP address of the device and a description, in the
form:
<
MACAddress>/<IPAddress> <description>
<
MACAddress>/<IPAddress> <description>
Note
•
If you enter both a MAC and an IP address, the client must match both for the rule to apply.
•
Separate multiple devices with a return.
You can specify a description by device or for all devices. A description specific to a particular
device (in the MAC Address field) supersedes a description for all devices in the Description field.
There cannot be spaces within the description in the device entry (see
device (in the MAC Address field) supersedes a description for all devices in the Description field.
There cannot be spaces within the description in the device entry (see
).
Figure 3-4
Device Filters
4.
Optionally, type a description of the policy or device in the Description field.
5.
Choose the policy for the device from the Access Type choices:
–
allow – Enables the device to access the network without authentication.
–
deny – Blocks the device from the network. An HTML page appears notifying the user that
access is denied (set in User Management > User Roles > New Role)
access is denied (set in User Management > User Roles > New Role)
–
use role – Exempts the user from authentication and applies a role to the user. If choosing this
option, also select the role to be applied. See
option, also select the role to be applied. See
for
further details on roles.
6.
Click Add to save the policy.
7.
The List page under the Devices tab appears.