Cisco Systems ASA 5525-X Network Router User Manual


  Open as PDF
of 2086
 
69-18
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 69 General VPN Setup
ACL Manager
Paste—Opens the Paste ACE dialog box, in which you can create a new ACL rule from an existing
rule.
No—Indicates the order of evaluation for the rule. Implicit rules are not numbered, but are
represented by a hyphen.
Address—Displays the IP address or URL of the application or service to which the ACE applies.
Action—Specifies whether this filter permits or denies traffic flow.
Description—Shows the description you typed when you added the rule. An implicit rule includes
the following description: “Implicit outbound rule.”
Modes
The following table shows the modes in which this feature is available:
Extended ACL
This pane provides summary information about extended ACLs, and lets you add or edit ACLs and
ACEs.
Fields
Add—Lets you add a new ACL. When you highlight an existing ACL, it lets you add a new ACE
for that ACL.
Edit—Opens the Edit ACE dialog box, in which you can change an existing access control list rule.
Delete—Removes an ACL or ACE. There is no confirmation or undo.
Move Up/Move Down—Changes the position of a rule in the ACL Manager table.
Cut—Removes the selection from the ACL Manager table and places it on the clipboard.
Copy—Places a copy of the selection on the clipboard.
Paste—Opens the Paste ACE dialog box, in which you can create a new ACL rule from an existing
rule.
No—Indicates the order of evaluation for the rule. Implicit rules are not numbered, but are
represented by a hyphen.
Enabled—Enables or disables a rule. Implicit rules cannot be disabled.
Source—Specifies the IP addresses (Host/Network) that are permitted or denied to send traffic to
the IP addresses listed in the Destination column. In detail mode (see the Show Detail radio button),
an address column might contain an interface name with the word any, such as inside: any. This
means that any host on the inside interface is affected by the rule.
Destination—Specifies the IP addresses (Host/Network) that are permitted or denied to send traffic
to the IP addresses listed in the Source column. An address column might contain an interface name
with the word any, such as outside: any. This means that any host on the outside interface is affected
by the rule. An address column might also contain IP addresses; for example
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
——