6-85
User
Guide

for

the

Cisco

Application

Networking

Manager

5.2
OL-26572-01
Chapter
6






Configuring

Virtual

Contexts
Configuring
Security

with

ACLs
Destination
Destination
Network
Network
traffic

being

transmitted

to

the

destination

network

from

the

ACE:


Any—Choose
the

Any

radio

button

to
indicate
that

network
traffic
to

any
destination
is
allowed.


IP/Netmask—(IPv4
address

type)

Use

this

field

to

limit

access

to

a

specific

destination

IP
address.
Enter

the

source

IP

address

that

is

allowed

for

this

ACL.

Enter

a

specific
destination
IP

address

and

choose

its

subnet

mask.


IP/Prefix-length—(IPv6
address

type)
Use

this

field

to

limit

access

to

a

specific
destination
IP

address.

Enter

the

destination

IPv6

address

that

is

allowed

for

this

ACL

and
its
prefix

length.

IPv6

requires

ACE

module

and

ACE

appliance

software

Version

A5(1.0)
or
later.


Network
Object

Group—Choose

a

destination

network

object

group

to

apply

to

this

ACL.
Note
This
option

is

not

applicable

to

ACE

modules

running
release
3.0(0)A1(x)

and

ACE
4710
appliances

running

release

A1(x).
Destination
Port

Operator
Field
that

appears

if

you

choose

TCP

or

UPD

in

the

Protocol

field.
Choose
t

he

operand

to

use

to

compare

destination

por

t

numbers:


Equal
To—The

destination

port

must

be

the

same

as

the
number
in

the

Destination

Port
Number
field.


Greater
Than—The
destination
port
must
be

greater

than

the

number

in

the

Destination
Port
Number

field.


Less
Than—The

destination
port
must

be
less
than

the
number
in
the

Destination

Port
Number
field.


Not
Equal

To—The

destination

port
must
not
equal
the

number

in

the

Destination

Port
Number
field.


Range—The
destination
port
must

be
within

the

range

of

ports

specified

by

the

Lower
Destination
Port

Number

field

and

the

Upper

Destination

Port

Number

field.
Destination
Port

Number
Field
that

appears

if

you

choose

one

of

the

following

in

the

Destination

Port

Operator

field:
Equal
To,

Greater

Than,

Less

Than,

or

Not

Equal

To.
Enter
the

port

name

or

number

from

which

you

want

to

permit

or

deny

access.

For

a

list

of
ports
and

keywords,

see

t

he

“ANM

Ports

Reference”

section

on

page

A-1 .
Lower
Destination

Port
Number
Field
that

appears

if
you
choose

Range

in

the
Destination
Port

Operator

field.
Enter
the

number

of

the

lowest

port

to

which

you

want

to

permit

or

deny

access.

Valid

entries
are
from

0

to

65535.

The

number

in

this

field

must


be

less

than

t

he

number

entered

in

t

he
Upper
Destination

Port

Number

field.
Upper
Destination

Port
Number
Field
that

appears

if
you
choose

Range

in

the
Destination
Port

Operator

field.
Enter
t

he

port

number

of

the

upper

port

to

which

you

want

to

permit

or

de

ny

access.

Valid
entries
are

from

0

to

65535.

The

number

in

this

field

must

be

greater

than

the

number

entered
in
the

Lower

Destination

Port

Number

field.
Table
6-19
Extended
ACL

Configuration

Options

(continued)
Field
Description