Configuring a Telnet and Secure Shell Resource Policy (NSM Procedure)
When you enable the Telnet/SSH access feature for a role, you need to create resource policies that specify which remote servers a user may access. If the Secure Access device matches a user’s request to a resource listed in a Telnet/SSH policy, the Secure Access device performs the action specified for the resource.
To configure a Telnet and secure shell resource policy:
- In the navigation tree, select Device Manager > Devices. Click the Device Tree tab, and then double-click the Secure Access device for which you want to configure a Telnet and secure shell resource policy.
- Click the Configuration tab. Select Users > Resource Policies > Telnet/SSH.
- Add or modify settings as specified in Table 34.
- Click one:
  - OK—Saves the changes.
  - Cancel—Cancels the modifications.
Table 35: Configuring Telnet and Secure Shell Resource Policy Details
Option | Function | Your Action |
---|---|---|
Access Control > General tab | | |
Name | Specifies the name for the policy. | Enter the name. |
Description | Describes the policy. | Enter the description. |
Resources | Specifies the servers to which this policy applies. | Enter the server path. |
Applies to roles | Specifies the roles to which this policy applies. | Select one of the following options from the drop-down list: |
Action | Allows or denies access to the servers specified in the Resources list. | Select one of the following options from the drop-down list. |
Role Selections tab | | |
Role Selections | Maps roles to the resource policy. Note: The Role Selections tab is enabled only when you select the Selected or the Except the selected option from the Applies to roles drop-down list. | Select a role and click Add to move it from the Non-members list to the Members list. |
Detailed Rules tab | | |
Name | Specifies the detailed rule name. Note: This tab is enabled only when you select Detailed Rules from the Action drop-down list. | Enter a name. |
Action | Specifies the action you want to perform if the user request matches a resource in the Resource list (optional). | Select one of the following options from the drop-down list: |
New Resources | Specifies the resource to which the detailed rule applies. | Specify one of the following options: |
Conditions | Specifies one or more expressions to evaluate to perform the action. | Specify one of the following options: |
Options tab | | |
IP based matching for Hostname based policy resources | Allows the Secure Access device to look up the IP address corresponding to each hostname specified in a Telnet/SSH resource policy. When a user tries to access a server by specifying an IP address rather than the hostname, the Secure Access device compares the IP to its cached list of IP addresses to determine if a hostname matches an IP address. If there is a match, then the Secure Access device accepts the match as a policy match and applies the action specified for the resource policy. | Select Options > IP based matching for Hostname based policy resources to enable this feature. |
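
The IP based matching option in the last table row can be modelled as below. This is an added example, not code from the Secure Access device or NSM; the hostnames, addresses, policy names, the offline `SAMPLE_DNS` table, list-order first-match evaluation and the default deny for unmatched requests are all assumptions of the model.

```python
import ipaddress
from dataclasses import dataclass, field

# Constructed stand-in for DNS so the example runs offline.
SAMPLE_DNS = {
    "build01.corp.example": ["192.0.2.10"],
    "legacy-telnet.corp.example": ["192.0.2.20", "192.0.2.21"],
}

@dataclass
class Policy:
    name: str
    resources: list            # hostnames or literal IP addresses
    action: str                # "allow" or "deny"
    cached_ips: set = field(default_factory=set)

def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def build_cache(policies, resolver=SAMPLE_DNS):
    """Resolve each hostname resource once and cache its addresses."""
    for policy in policies:
        for res in policy.resources:
            if not is_ip(res):
                policy.cached_ips.update(resolver.get(res.lower(), []))

def evaluate(policies, target, ip_based_matching):
    """Return (action, policy name) for a requested Telnet/SSH server.

    Model assumptions: list order, first match wins, no match means deny.
    """
    target = target.lower()
    for policy in policies:
        if target in (r.lower() for r in policy.resources):
            return policy.action, policy.name
        if ip_based_matching and is_ip(target) and target in policy.cached_ips:
            return policy.action, policy.name
    return "deny", None

def sample_policies():
    """Constructed policies: one allow and one deny, both hostname based."""
    policies = [
        Policy("ssh-build-hosts", ["build01.corp.example"], "allow"),
        Policy("block-legacy-telnet", ["legacy-telnet.corp.example"], "deny"),
    ]
    build_cache(policies)
    return policies
```

In this model a request for `192.0.2.10` matches no policy while the option is off and matches `ssh-build-hosts` once it is on. The cache is only as current as its last lookup, so an address that changes in DNS is not matched until the hostname is resolved again.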