6-84
User
Guide

for

the

Cisco

Application

Networking

Manager

5.2
OL-26572-01
Chapter
6






Configuring

Virtual

Contexts
Configuring
Security

with

ACLs
ICMP
Min.

Message

Code
These
fields

appear

onl

y

when

the

sel

ected

protocol

type

i

s

ICMP

and

the

ICMP

Message
Code
Operator

is

set

to

Range.
Enter
the

beginning

and

ending

value

for

a

range

of

services

for

this

service

object.

Valid
entries
are

integers

from

0

to

255.

The

minimum

value

must

be

less

that

the

maximum

value.
ICMP
Max.

Message

Code
Source
Source
Network
Network
traffic

being

received

from

the

source

network

to

the

ACE:


Any—Choose
the
Any
radio

button

to
indicate
that

network

t

raffic

fr

om

any

source

is
allowed.


IP/Netmask—(IPv4
address

type)
Use
this

field

to

limit

access

to

a

specific
source

IP
address.
Enter

the

source

IP

address

that

is

allowed

for

this

ACL.

Enter

a

specific

source
IP
address

and

choose

its

subnet

mask.


IP/Prefix-length—(IPv6
address

type)

Use

this

field

to

limit

access

to

a

specific

source

IP
address.
Enter

the

source

IPv6

address

that

is

allowed

for

this

ACL

and

its

prefix

length.
IPv6
requires

ACE

module

and

ACE

appliance

software

Version

A5(1.0)

or

later.


Network
Object

Group—Choose

a

source

network

object

group

to

apply

to
this
ACL.
Note
This
option

is

not

applicable

to

ACE

modules

running
release
3.0(0)A1(x)

and

ACE
4710
appliances

running

release

A1(x).
Source
Port

Operator
Field
that

appears

if

you

choose

TCP

or

UPD

in

the

Protocol

field.
Choose
the

operand

to

use

to

compare

source

port

numbers:


Equal
To—The

source

port
must
be
the

same

as

the

number

in

the

Source

Port

Number
fi
el

d.


Greater
Than—The

sour

ce

por

t

must

be

greater

t

han
the
number

in
the
Source

Port
Number
field.


Less
Than—The
source
port
must

be
less
than

the

number
in
the

Source

Port

Number
fi
el

d.


Not
Equal

To—The

source
port
must

not

equal
the
number
in
the

Source

Port

Number
fi
el

d.


Range—The
source

port

must

be

within

the

range

of
ports
specified

by

the

Lower

Source
Port
Number

field

and

the

Upper

Sour

ce

Port

Number

field.
Source
Port

Number
Field
that

appears

if

you

choose

one

of

the

following

the

Source

Port

Operator

field:

Equal

To,
Greater
Than,

Less

Than,

or

Not

Equal

To.
Enter
the

port

name

or

number

from

which

you

want

to

permit

or

deny

access.

For

a

list

of
ports,
see

the

“ANM

Ports

Reference”

section

on

page

A-1 .
Lower
Source

Port

Number
Field
that

appears

if

you

choose

Range

in

the

Source

Port

Operator

field.
Enter
the

number

of

the

lowest

port

from

which

you

want

to

permit

or

deny

access.

Valid
entries
are

from

0

to

65535.

The

number

in

this

field

must

be

less

than

the

number

entered

in
the
Upper

Sour

ce

Port

Number

field.
Upper
Source

Port

Number
Field
that

appears

if

you

choose

Range

in

the

Source

Port

Operator

field.
Enter
the

port

number

of

the

upper

port

from

which

you

want

to

permit

or

deny

access.

Valid
entries
are

from

0

to

65535.

The

number

in

this

field

must

be

greater

than

the

number

entered
in
the

Lower

Source

Port

Number

field.
Table
6-19
Extended
ACL

Configuration

Options

(continued)
Field
Description