6-79  User Guide for the Cisco Application Networking Manager 5.2  OL-26572-01
Chapter 6  Configuring Virtual Contexts
Configuring Security with ACLs

You can apply only one extended ACL to each direction (inbound or outbound) of an interface. You can also apply the same ACL on multiple interfaces. You can apply EtherType ACLs in only the inbound direction and on only Layer 2 interfaces.

Note: By default, all traffic is denied by the ACE unless explicitly allowed. Only traffic that is explicitly allowed in an ACL can pass. All other traffic is denied.
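
The binding rules and the default-deny behavior described above can be checked mechanically before a change is applied. The following is an added example, not part of the Cisco guide or of ANM; the ACL names, interface names, layer values, and inventory format are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample inventory (hypothetical names, not from the Cisco guide).
ACLS = {"WEB_IN": "extended", "MGMT_IN": "extended", "L2_FILTER": "ethertype"}
INTERFACES = {"vlan100": 3, "vlan200": 3, "vlan300": 2}  # name -> layer
BINDINGS = [  # (interface, direction, ACL)
    ("vlan100", "in", "WEB_IN"),
    ("vlan200", "in", "WEB_IN"),      # same ACL on a second interface: allowed
    ("vlan100", "in", "MGMT_IN"),     # second extended ACL, same direction
    ("vlan300", "out", "L2_FILTER"),  # EtherType ACL applied outbound
    ("vlan200", "out", "L2_FILTER"),  # EtherType ACL on a Layer 3 interface
]


def audit_bindings(acls, interfaces, bindings):
    """Return sorted (interface, direction, acl, problem) rule violations."""
    findings = []
    extended = defaultdict(list)  # (interface, direction) -> extended ACLs
    for iface, direction, acl in bindings:
        if acls[acl] == "extended":
            extended[(iface, direction)].append(acl)
            continue
        # EtherType ACLs: inbound only, Layer 2 interfaces only.
        if direction != "in":
            findings.append((iface, direction, acl, "EtherType ACL must be inbound"))
        if interfaces[iface] != 2:
            findings.append((iface, direction, acl, "EtherType ACL needs a Layer 2 interface"))
    # Only one extended ACL per interface and direction.
    for (iface, direction), names in extended.items():
        for extra in names[1:]:
            findings.append((iface, direction, extra, "extra extended ACL for this direction"))
    return sorted(findings)


def no_inbound_acl(interfaces, bindings):
    """Interfaces with no inbound ACL: default deny means nothing is allowed in."""
    covered = {iface for iface, direction, _ in bindings if direction == "in"}
    return sorted(set(interfaces) - covered)


if __name__ == "__main__":
    for finding in audit_bindings(ACLS, INTERFACES, BINDINGS):
        print(*finding, sep=" | ")
    print("no inbound ACL (all inbound traffic denied):", no_inbound_acl(INTERFACES, BINDINGS))
```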

This section includes the following topics:
• Creating ACLs, page 6-79
• Setting Extended ACL Attributes, page 6-82
• Resequencing Extended ACLs, page 6-87
• Setting EtherType ACL Attributes, page 6-87
• Displaying ACL Information and Statistics, page 6-89

Creating ACLs

You can create an ACL.

Note: By default, the ACE denies all traffic unless explicitly allowed. Only traffic that is explicitly allowed in an ACL can pass. All other traffic is denied.

Procedure

Step 1  Choose the item to configure:
• To configure a virtual context, choose Config > Devices > context > Security > ACLs.
• To configure a configuration building block, choose Config > Global > All Building Blocks > building_block > Security > ACLs.

The ACLs table appears listing the existing ACLs. The ACL fields are described in Table 6-17.

Note: Fields and information related to IPv6 require ACE module and ACE appliance software Version A5(1.0) or later.