Manualshelf

Specifications

ManualsBrandsHP ManualsComputer equipment3350 - Cisco NAC Appliance
71727374757677787980
2-24
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 2 Device Management: Adding Clean Access Servers, Adding Filters
Global Device and Subnet Filtering
The Clean Access Server column in the list shows the scope of the policy. If the policy was configured
locally in the CAS management pages, this field displays the IP address of the originating Clean Access
Server. If the policy was configured globally for all Clean Access Servers in the Device Management >
Filters module of the admin console, the field displays GLOBAL.
The filter list can be sorted by column by clicking on the column heading label (MAC Address, IP
Address, Clean Access Server, Description, Access Type, or Priority).
See Global and Local Administration Settings, page 2-8 and the Cisco NAC Appliance - Clean Access
Server Configuration Guide, Release 4.9(x) for more information.
Clicking Reset negates any of the optional search criteria from the filter dropdown menu and resets the
list to display all entries (default).
Clicking Delete Selected removes the devices selected in the check column to the far left of the page.
(You can select one or more device entries to remove from the display.)
Clicking Delete All Filtered removes the devices that remain in the list after you have used the Filter
tool to display a subset of all devices. (You can use this function to remove up to 100 devices at a time.)
Import/Export Device Filter Policies
You can use the Export button to save CSV files containing device data to your local hard drive to
search, view, and manipulate whenever needed for troubleshooting or statistical analysis purposes.
Note Due to limits native to the Microsoft Excel application, you can only export up to 65534 MAC address
entries using this function.
You can also use the Browse and Import buttons to locate and load a compilation of device entries from
a previously saved CSV file.
Order Device Filter Wildcard/Range Policies
The Order page is for wildcard/range device filters only. The Order page is used to change the priority
of wildcard/range device filters.
For example:
If the Order page is configured with filters as follows:
1. 00:14:6A:* — Access Type: DENY
2. 00:14:6A:6B:* — Access Type: IGNORE
A device with MAC address 00:14:6A:6B:60:60 will be denied.
If the Order page is configured as follows:
1. 00:14:6A:6B:* — Access Type: IGNORE
2. 00:14:6A:* — Access Type: DENY
A device with MAC address 00:14:6A:6B:60:60 will have access type IGNORE.
However, if a device filter exists for the exact MAC address 00:14:6A:6B:60:60, the rules of that filter
apply instead, and any existing wildcard/range filters are not used.
1. Go to Device Management > Filters > Devices > Order.