Cisco Systems OL-16647-01 Network Router User Manual


Cisco ASDM User Guide, OL-16647-01
Chapter 20
Configuring Access Rules and EtherType Rules
This chapter describes how to configure access rules and EtherType rules, and includes the following
topics:
Information About Access Rules and EtherType Rules
Configuring Access Rules
Configuring Ethertype Rules (Transparent Mode Only)
Note: You use access rules to control network access in both routed and transparent firewall modes. In
transparent mode, you can use both access rules (for Layer 3 traffic) and EtherType rules (for Layer 2
traffic).
To access the security appliance interface for management access, you do not also need an access rule
allowing the host IP address. You only need to configure management access according to
Chapter 16, “Configuring Management Access.”
Information About Access Rules and EtherType Rules
Your access policy is made up of one or more access rules and/or EtherType rules per interface.
You can use access rules in routed and transparent firewall mode to control IP traffic. An access rule
permits or denies traffic based on the protocol, a source and destination IP address or network, and
optionally the source and destination ports.
Note: To allow any traffic to enter the security appliance, you must attach an inbound access rule to an
interface; otherwise, the security appliance automatically drops all traffic that enters that interface.
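The matching behaviour described above, modelled in Python as an added example (it is not part of the Cisco guide and is not ASDM or appliance code). The rule fields, the sample addresses and the first-match evaluation order are assumptions made for the illustration; the match criteria and the drop-when-no-rule behaviour come from the text.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class AccessRule:                    # hypothetical structure, not an ASDM object
    action: str                      # "permit" or "deny"
    protocol: str                    # "tcp", "udp", "icmp", or "ip" for any IP protocol
    src: str                         # source host or network, CIDR notation
    dst: str                         # destination host or network, CIDR notation
    dst_port: Optional[int] = None   # None means any destination port
    src_port: Optional[int] = None   # None means any source port

    def matches(self, pkt: dict) -> bool:
        if self.protocol != "ip" and self.protocol != pkt["proto"]:
            return False
        if ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(self.src):
            return False
        if ipaddress.ip_address(pkt["dst"]) not in ipaddress.ip_network(self.dst):
            return False
        # Ports are optional criteria: only compared when the rule sets them.
        if self.src_port is not None and self.src_port != pkt.get("sport"):
            return False
        if self.dst_port is not None and self.dst_port != pkt.get("dport"):
            return False
        return True

def evaluate(inbound_rules, pkt: dict) -> str:
    """Decide the fate of a packet entering an interface."""
    for rule in inbound_rules:       # assumption: the first matching rule decides
        if rule.matches(pkt):
            return rule.action
    # No inbound rule attached, or nothing matched: the traffic is dropped.
    return "deny"

# Constructed sample policy for an interface (documentation address ranges).
OUTSIDE_IN = [
    AccessRule("deny", "tcp", "198.51.100.0/24", "192.0.2.10/32", dst_port=443),
    AccessRule("permit", "tcp", "0.0.0.0/0", "192.0.2.10/32", dst_port=443),
    AccessRule("permit", "icmp", "203.0.113.0/24", "192.0.2.0/24"),
]

if __name__ == "__main__":
    web = {"proto": "tcp", "src": "203.0.113.5", "dst": "192.0.2.10",
           "sport": 40000, "dport": 443}
    print(evaluate(OUTSIDE_IN, web), evaluate([], web))
```
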
For transparent mode only, an EtherType rule controls network access for non-IP traffic. An EtherType
rule permits or denies traffic based on the EtherType.
This section includes the following topics:
Information About Both Access Rules and EtherType Rules
Information About Access Rules
Information About EtherType Rules