Command:

access-enable


Mode:

Router#


Syntax:

access-enable [host] [timeout minutes]


Syntax Description:

 

host

Tells the software to enable access only for the host from which the Telnet session originated. If not specified, the software allows all hosts on the defined network to gain access. The dynamic access list contains the network mask to use for enabling the new network.

timeout

Specifies an idle timeout for the temporary access list entry. If the access list entry is not accessed within this period, it is automatically deleted and requires the user to authenticate again. The default is for the entries to remain permanently.


Command Description:

 

To enable the router to create a temporary access list entry in a dynamic access list, use the access-enable privileged EXEC command. This command enables the lock-and-key access feature.

Always define either an idle timeout (with the timeout keyword in this command), or an absolute timeout (with the timeout keyword in the access-list command). Otherwise, the temporary access list entry will remain, even after the user terminates the session.

Use the autocommand command with the access-enable command to cause the access-enable command to execute when a user opens a Telnet session into the router.


Example:

The following example causes the software to create a temporary access list entry and tells the software to enable access only for the host from which the Telnet session originated. If the access list entry is not accessed within 5 minutes, it is deleted:

Router#access-enable host timeout 5


Misconceptions:

 

None


Related Commands:

 

dynamic

 

ip access-list extended

 

access-list

 


� Cisco Systems, Inc. 2001, 2002, 2003
World Wide Education

Converted from CHM to HTML with chm2web Pro 2.85 (unicode)