Lock-and-Key ACLs

Lock-and-key is a traffic-filtering security feature that you can use to dynamically filter IP traffic. You configure lock-and-key by using IP dynamic extended ACLs. You can use lock-and-key in conjunction with other standard ACLs and static extended ACLs.

When you configure lock-and-key, you designate which users, whose IP traffic is normally blocked, can gain temporary access through the device. When lock-and-key is triggered, it reconfigures the interface's existing IP ACL to permit designated users to reach their designated host(s). Afterward, lock-and-key reconfigures the IP ACL to its original state until its next use.

A user can trigger lock-and-key to obtain temporary access by first using a standard Telnet session to ...

Get CCIE Practical Studies: Security (CCIE Self-Study) now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.