
Dynamic Access list

jonk34567
Level 4

Is there anything called a dynamic access list? If yes, for what purpose is it used?

Accepted Solutions

Hello

@jonk34567 wrote:

Is there anything called a dynamic access list? If yes, for what purpose is it used?

You can use dynamic ACLs to permit access to certain services based on authentication of a client prior to allowing access.

So if you have a router that borders between your own network and another, and you wish for the external clients to be allowed access into your company ONLY if they are authenticated first, then a dynamic ACL could provide this.

A Reflective ACL will automatically be created when specific defined traffic is initiated from within your company to an external client, and as such return traffic from the external client will be allowed into your network.


res
Paul



7 Replies

mlund
Level 7

See the link below for dynamic access-lists:

https://www.cisco.com/c/en/us/support/docs/security-vpn/lock-key/7604-13.html

There are also reflexive access-lists that are dynamically populated, see link:

https://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfreflx.html

/Mikael
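
A minimal lock-and-key (dynamic ACL) configuration of the kind discussed in the replies above, added here as an illustration; it is not taken from the thread or from the linked documents. The interface name, the ACL number, the template name REMOTE-USERS, the username and all addresses (documentation ranges) are assumptions.

```cisco
! Constructed example: every name and address below is a placeholder.
! 192.0.2.1 = router's outside interface, 198.51.100.0/24 = inside network.
username remoteuser secret <choose-a-strong-secret>
!
interface GigabitEthernet0/0
 description Outside (untrusted) interface
 ip address 192.0.2.1 255.255.255.0
 ip access-group 101 in
!
! Static entry: the only inbound traffic allowed before authentication
! is the login session to the router itself.
access-list 101 permit tcp any host 192.0.2.1 eq telnet
!
! Dynamic template: inactive until a user authenticates and access-enable runs.
! "timeout 15" is the absolute lifetime of the temporary entry, in minutes.
access-list 101 dynamic REMOTE-USERS timeout 15 permit ip any 198.51.100.0 0.0.0.255
!
! Everything else hits the implicit deny at the end of ACL 101.
!
! On the vty lines, "login local" authenticates against the username above.
! "access-enable host" creates the temporary entry for the authenticated
! client's source IP only; without "host" the entry is opened exactly as the
! template is written (here: any source address).
! "timeout 5" is the idle timeout of the temporary entry, in minutes.
line vty 0 4
 login local
 autocommand access-enable host timeout 5
```

`show access-lists 101` lists the temporary entries while they are active. A vty line that carries the `autocommand` closes the session once the command has run, so it cannot also be used to manage the router.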

Hi Paul, are there any other options for establishing a connection than telnet if I use a Cisco router for authentication?

I am puzzled about this question. It suggests that telnet is the only access. But I do not see anything in this discussion that deals with particular access protocols. Dynamic ACL should work for multiple access protocols. 

HTH

Rick

JozefButala
Level 1

Hi Richard, if my only option for authentication is the Cisco router, is there another way to authenticate a user other than telnet?

I am still puzzled. The OP was discussing dynamic access lists. I do not think that you are asking about dynamic access lists. If you are asking about authenticating access to a Cisco router, then it can be configured to authenticate for telnet, or for SSH, or for HTTP/HTTPS.

HTH

Rick

If I want to use a dynamic ACL to permit a host from the Internet, but I don’t have any other option for authentication but the router, is there a possibility to use something other than telnet?