access-enable [host] [timeout minutes]
基本介紹
- 外文名:access-enable
- Command:EXEC
- Defaults:No default behavior or values.
- History:Release Modification11.1
Syntax Description,Defaults,Command Modes,Command History,Usage Guidelines,Examples,
access-enable
To enable the router to create a temporary access list entry in a dynamic access list, use the access-enable command in EXEC mode.
Syntax Description
host
(Optional) Tells the software to enable access only for the host from which the Telnet session originated. If not specified, the software allows all hosts on the defined network to gain access. The dynamic access list contains the network mask to use for enabling the new network.
timeout minutes
(Optional) Specifies an idle timeout for the temporary access list entry. If the access list entry is not accessed within this period, it is automatically deleted and requires the user to authenticate again. The default is for the entries to remain permanently. We recommend that this value equal the idle timeout set for the WAN connection.
Defaults
No default behavior or values.
Command Modes
EXEC
Command History
Release Modification
11.1
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
Usage Guidelines
This command enables the lock-and-key access feature.
You should always define either an idle timeout (with the timeout keyword in this command) or an absolute timeout (with the timeout keyword in the access-list command). Otherwise, the temporary access list entry will remain, even after the user terminates the session.
Use the autocommand command with the access-enable command to cause the access-enable command to execute when a user opens a Telnet session into the router.
Examples
The following example causes the software to create a temporary access list entry and tells the software to enable access only for the host from which the Telnet session originated. If the access list entry is not accessed within 2 minutes, it is deleted.
autocommand access-enable host timeout 2
Related Commands
Command Description
access-list (IP extended)
Defines an extended IP access list.
autocommand
Configures the Cisco IOS software to automatically execute a command when a user connects to a particular line.
show ip accounting
Displays the active accounting or checkpointed database or displays access list violations.