6-82
User Guide for the Cisco Application Networking Manager 5.2
OL-26572-01
Chapter 6 Configuring Virtual Contexts
Configuring Security with ACLs

Note  To add, modify, or delete Object Groups go to the “Configuring Object Groups” section on page 6-89.

Step 4  Do one of the following:
- Click Deploy to deploy the newly created ACL entries along with the VLAN interface assignments that were configured.
- Click Cancel to exit this procedure without saving your entries and to return to the ACLs table.

Related Topics
- Configuring Security with ACLs, page 6-78
- Setting EtherType ACL Attributes, page 6-87
- Setting Extended ACL Attributes, page 6-82
- Resequencing Extended ACLs, page 6-87
- Editing or Deleting ACLs, page 6-100
- Displaying ACL Information and Statistics, page 6-89

Setting Extended ACL Attributes

You can configure extended ACL attributes that allow you to specify both the source and the destination IP addresses of traffic, as well as the protocol and the action to be taken.

For TCP, UDP, and ICMP connections, you do not need to also apply an ACL on the destination interface to allow returning traffic, because the ACE allows all returning traffic for established connections.

Note  By default, all traffic is denied by the ACE unless explicitly allowed. Only traffic that is explicitly allowed in an ACL can pass. All other traffic is denied.

Note  The ACE does not explicitly support standard ACLs. To configure a standard ACL, specify the destination address as any and do not specify the ports in an extended ACL.

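The behaviour described in the paragraphs and notes above (default deny, return traffic allowed for established connections, and a standard-style entry written as an extended entry with destination any and no ports) can be modelled as follows. This is an added example, not part of the original guide and not Cisco code; the class and field names are hypothetical, the addresses are constructed, and first-match evaluation order is an assumption of the model.

```python
# Simplified model of extended-ACL behaviour; an added example, not Cisco code.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Entry:
    action: str                     # "permit" or "deny"
    protocol: str                   # "tcp", "udp", "icmp", or "ip" for any
    src: str                        # CIDR network; "0.0.0.0/0" means any
    dst: str = "0.0.0.0/0"          # destination any: standard-ACL style
    dst_port: Optional[int] = None  # None: no port specified

    def matches(self, proto, src, dst, dport):
        return (self.protocol in ("ip", proto)
                and ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and self.dst_port in (None, dport))

class Interface:
    """Input ACL on one interface plus a table of established connections."""
    def __init__(self, acl):
        self.acl = list(acl)
        self.established = set()

    def inbound(self, proto, src, sport, dst, dport):
        """Evaluate a connection-opening packet against the ACL."""
        for entry in self.acl:          # assumption: first match wins
            if entry.matches(proto, src, dst, dport):
                if entry.action == "permit":
                    self.established.add((proto, src, sport, dst, dport))
                return entry.action
        return "deny"                   # no entry matched: default deny

    def returning(self, proto, src, sport, dst, dport):
        """Reply traffic passes only if it mirrors an established connection."""
        mirrored = (proto, dst, dport, src, sport)
        return "permit" if mirrored in self.established else "deny"

# Constructed sample policy using documentation address ranges.
ACL = [
    Entry("deny", "tcp", "192.0.2.66/32", "198.51.100.10/32", 80),
    Entry("permit", "tcp", "192.0.2.0/24", "198.51.100.10/32", 80),
    Entry("permit", "ip", "203.0.113.0/24"),  # standard-ACL style entry
]
```
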
Procedure

Step 1  Choose the item to configure:
- To configure a virtual context, choose Config > Devices > context > Security > ACLs.
- To configure a configuration building block, choose Config > Global > All Building Blocks > building_block > Security > ACLs.
The ACLs table appears, listing the existing ACLs.

Step 2  In the ACLs table, click Add.
The New Access List configuration window appears.

Step 3  Click Add to add an entry to the table, or choose an existing entry and click Edit to modify it.