Support User Manuals

Cisco Systems OL-16647-01 Network Router User Manual

Open as PDF

of 1230

22-9

Cisco ASDM User Guide

OL-16647-01

Chapter 22 Configuring Service Policy Rules

Adding a Service Policy Rule for Through Traffic

If you want to specify a TCP or UDP port number, or an ICMP service number, enter

protocol/port. For example, enter TCP/8080.

By default, the service is IP.

Separate multiple services by a comma.

e. (Optional) Enter a description in the Description field.

f. (Optional) To specify a source service for TCP or UDP, click the More Options area open, and

enter a TCP or UDP service in the Source Service field.

The destination service and source service must be the same. Copy and paste the destination

Service field to the Source Service field.

g. (Optional) To make the rule inactive, click the More Options area open, and uncheck Enable

Rule.

This setting might be useful if you do not want to remove the rule, but want to turn it off.

h. (Optional) To set a time range for the rule, click the More Options area open, and from the Time

Range drop-down list, choose a time range.

To add a new time range, click the ... button. See the “Configuring Time Ranges” section on

page 19-15 for more information.

This setting might be useful if you only want the rule to be active at predefined times.

• Tunnel Group—Choose a tunnel group from the Tunnel Group drop-down list, or click New to add

a new tunnel group. See the “IPSec Remote Access Connection Profiles” section on page 35-49 for

more information.

To police each flow, check Match flow destination IP address. All traffic going to a unique IP

destination address is considered a flow.

• Destination Port—Click TCP or UDP.

In the Service field, enter a port number or name, or click ... to choose one already defined in ASDM.

• RTP Range—Enter an RTP port range, between 2000 and 65534. The maximum number of port sin

the range is 16383.

• IP DiffServ CodePoints (DSCP)—In the DSCP Value to Add area, choose a value from the Select

Named DSCP Values or enter a value in the Enter DSCP Value (0-63) field, and click Add.

Add additional values as desired, or remove them using the Remove button.

• IP Precedence—From the Available IP Precedence area, choose a value and click Add.

Add additional values as desired, or remove them using the Remove button.

Step 7 Click Next.

The Add Service Policy Rule - Rule Actions dialog box appears.

Step 8 Configure one or more rule actions according to the following sections:

• Chapter 24, “Configuring Application Layer Protocol Inspection.”

• “Configuring Connection Settings” section on page 27-6

• Chapter 25, “Configuring QoS.”

• Chapter 28, “Configuring IPS.”

• Chapter 29, “Configuring Trend Micro Content Security.”

• Chapter 24, “Configuring MMP Inspection for a TLS Proxy”

previous next