To manually place a temporary access list entry on a router to which you are connected, use the access-template EXEC command.
access-template [access-list-number | name] [dynamic-name] [source] [destination] [timeout minutes]
access-list-number (Optional) Number of the dynamic access list.
name (Optional) Name of an IP access list. The name cannot contain a space or quotation mark, and must begin with an alphabetic character to avoid ambiguity with numbered access lists.
dynamic-name (Optional) Name of a dynamic access list.
source (Optional) Source address in a dynamic access list. The keywords host and any are allowed. All other attributes are inherited from the original access-list entry.
destination (Optional) Destination address in a dynamic access list. The keywords host and any are allowed. All other attributes are inherited from the original access-list entry.
timeout minutes (Optional) Specifies a maximum time limit for each entry within this dynamic list. This is an absolute time, from creation, that an entry can reside in the list. The default is an infinite time limit and allows an entry to remain permanently.
EXEC
| Release | Modification | 11.1 | This command was introduced. |
|---|
This command provides a way to enable the lock-and-key access feature.
You should always define either an idle timeout (with the timeout keyword in this command) or an absolute timeout (with the timeout keyword in the access-list command). Otherwise, the dynamic access list will remain, even after the user has terminated the session.
In the following example, the software enables IP access on incoming packets in which the source address is 172.29.1.129 and the destination address is 192.168.52.12. All other source and destination pairs are discarded.
access-template 101 payroll host 172.29.1.129 host 192.168.52.12 timeout 2
| Command | Description |
|---|---|
| access-list (IP extended) | Defines an extended IP access list. |
| autocommand | Configures the Cisco IOS software to automatically execute a command when a user connects to a particular line. |
| clear access-template | Clears a temporary access list entry from a dynamic access list manually. |
| show ip accounting | Displays the active accounting or checkpointed database or displays access list violations. |
Printed for apswan@ctr.ap.nic.in on Wed Mar 5 22:32:57 PST 2003
All material in this document copyright 2000 Cisco Systems, Inc. All rights reserved. No material may be reproduced or distributed without written permission of Cisco Systems, Inc.