14-37
User
Guide

for

the

Cisco

Application

Networking

Manager

5.2
OL-26572-01
Chapter
14






Configuring

Traffic

Policies
Configuring
Rules

and

Actions

for

Policy

Maps
Step
5
Do
one

of

the

following:


Click
Deploy
Now

to

deploy
this
configuration

on

t

he
ACE

and

save

your

entries

t

o

the
running-configuration
and

startup-configuration

files.

The

window

refreshes

and

the

Action

table
appears.
Continue

with

Step

6 .


Click
Cancel
to
exit

this

procedure

without
saving
your

entries

and

to

return

to

the
Rule
table.
Note
If
you

chose

the

Insert

Before

option

described

in
Ta
b

l

e
14-16

and

specified

True,

perform

the
following
steps

to

refresh

the

Rul

e

tab

bef

ore

adding

an

action

for

this

rul

e:
1.
Click

the

Rule

tab

to

refresh

the

Rule

table.


2.
In

the

Rule

table,

choose

the

newly

added

rule.
When
the

window

refreshes,

an

empty

action

list

appears.
Step
6
In
the

Action

table,

click
Add
to

add

an

entry

or
choose
an
existing
entry

to
modify
and

click
Edit.
Step
7
In
the

Id

field,
accept
the

automatically

incremented

entry

or
assign
a

unique
identifier
for

this

action.
Step
8
In
the

Action

Type

field,

configure

actions
for
this

rule

using
the
information
in
Ta
b

l

e
14-17
.
Ta
b

l

e


14-17
Generic
Server

Load

Balancing

Policy

Map

Actions
Action
Description
Drop
Field
that

instructs

the

ACE

to

discard

packets

that

match

this

policy

map.

In

the

Action

Log

field,
specify
whether

or

not

the

dropped

packets

are

to

be

logged

in

the

software:


N/A—This
option

is
not
configured.


Fal
se—Dropped

packets

are

not

to
be
logged

in

the

software.


Tr
u

e

—Dropped
packets
are

to
be
l

ogged

i

n

the

sof

tware.
Forward
Field
that

instructs

the

ACE

to

forward

the

traffic

that

matches

this

policy

map

to

its

destination.
Reverse
S

ti

cky
Feature
that

applies

onl

y

t

o

the

ACE

module

version

3.

0(0)A2(1.1),

ACE

appliance

version
A4(1.0),
or

later

releases

of

either

device

type.

Reverse

IP

stickiness

is

an

enhancement

to

regular
stickiness
and

is

used

mainly

in

FWLB.

It

ensures

that

multiple

distinct

connections

that

are
opened
by

hosts

at

both

ends

(client

and

server)

are

load-balanced

and

stuck

to

the

same

firewall.
Reverse
stickiness

applies

to

such

protocols

as

FTP,

RTSP,

SIP,

and

so

on

where

there

are

separate
control
channels

and

data

channels

opened

by

the

client

and

the

server,

respectively.

For

complete
details
about

reverse

stickiness,

see

the

Release

Note

for

the

Cisco

Application

Control

Engine
Module
(Software

Version

3.0(0)A2(X)) .
In
the

St

icky

Group

field,

choose

an

existing

IP

netmask

sticky

group

that

you

want

to

associate
with
reverse

IP

stickiness.