The Journey of a Network Engineer

Oct 19 2011   3:27AM GMT

How to configure Lock-and-Key (dynamic ACL)?

Sulaiman Syed

Dynamic ACLs are very interesting. They provide temporary access at certain times for certain users. Basically, the user telnets to the router. If the authentication passes, the router permits that IP to access the internal parts of the network.

First, we need to create the access list. Let's make the access

access-list 101 dynamic Mydyn permit ip any any

access-list 101 permit tcp host x.x.x.x host x.x.x.x eq telnet

After that, we need to configure the vty lines to accept

line vty 0

login local

autocommand access-enable host

Let's not forget to configure the username and password.

username xxxx password xxxxx

Lastly, apply the access list to the physical interface.

Interface f0/1

ip access-group 101 in

With that, the dynamic access list is created. The entry stays in place as long as the session is open. When the session times out, the ACL entry is deleted and a new authentication is required to access the networks protected by the router.
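As an added example (not part of the original post), the following Python check audits a lock-and-key configuration for the pieces described above: the dynamic entry, the Telnet permit, the `access-enable` autocommand and the interface binding. The function name, the 192.0.2.x addresses and the credentials are constructed for illustration.

```python
import re

def audit_lock_and_key(config):
    """Return a list of findings for a lock-and-key (dynamic ACL) IOS snippet."""
    lines = [ln.strip() for ln in config.splitlines() if ln.strip()]
    findings = []
    dyn = [ln for ln in lines if re.match(r"access-list \d+ dynamic \S+", ln)]
    if not dyn:
        return ["no dynamic ACL entry found"]
    acl = dyn[0].split()[1]
    # Port operators such as 'eq telnet' are only valid on tcp/udp entries.
    for ln in lines:
        if re.match(rf"access-list {acl} permit ip .* eq ", ln):
            findings.append("port match on an 'ip' entry; use 'tcp'")
    auto = [ln for ln in lines if ln.startswith("autocommand") and "access-enable" in ln]
    if not auto:
        findings.append("no 'autocommand access-enable' on the vty line")
    elif "host" not in auto[0].split():
        findings.append("access-enable lacks 'host'; entry is not tied to the user's IP")
    # Lifetime is bounded by an idle timeout (access-enable) or an absolute one (dynamic entry).
    if not any(re.search(r"\btimeout \d+", ln) for ln in dyn + auto):
        findings.append("no idle or absolute timeout configured")
    # The ACL must filter traffic arriving on the interface the users come in on.
    if not any(re.fullmatch(rf"ip access-group {acl} in", ln) for ln in lines):
        findings.append(f"ACL {acl} is not applied inbound on an interface")
    return findings

# Constructed sample: a lock-and-key config with three common mistakes.
SAMPLE = """
access-list 101 dynamic Mydyn permit ip any any
access-list 101 permit ip host 192.0.2.10 host 192.0.2.1 eq telnet
line vty 0
 login local
 autocommand access-enable host
username admin password example
interface f0/1
 ip access-group 101
"""

# Same sample with the three findings corrected.
HARDENED = (SAMPLE.replace("permit ip host", "permit tcp host")
            .replace("access-enable host", "access-enable host timeout 5")
            .replace("ip access-group 101", "ip access-group 101 in"))

if __name__ == "__main__":
    for finding in audit_lock_and_key(SAMPLE):
        print("FINDING:", finding)
    print("hardened findings:", audit_lock_and_key(HARDENED))
```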
