14-50
User
Guide

for

the

Cisco

Application

Networking

Manager

5.2
OL-26572-01
Chapter
14






Configuring

Traffic

Policies
Configuring
Rules

and

Actions

for

Policy

Maps
Step
5
Do
one

of

the

following:


Click
Deploy
Now

to

deploy
this
configuration

on

t

he
ACE

and

save

your

entries

t

o

the
running-configuration
and

startup-configuration

files.

The

window

refreshes

and

the

Action

table
appears.
Continue

with

Step

6 .


Click
Cancel
to
exit

this

procedure

without
saving
your

entries

and

to

return

to

the
Policy
Maps
table.


Click
Next
t

o
deploy
your

entries

and

to
configure
another
rule.
Note
If
you

chose

the

Insert

Before

option

described

in
Ta
b

l

e
14-20

and

specified

True,

perform

the
following
steps

to

refresh

the

Rul

e

tab

bef

ore

adding

an

action

for

this

rul

e:
1.
Click

the

Rule

tab

to

refresh

the

Rule

table.


2.
In

the

Rule

table,

choose

the

newly

added

rule.
When
the

window

refreshes,

an

empty

action

list

appears.
Step
6
In
the

Action
table,
click
Add
to
add
an

entry,

or

choose

an

existing

entry

and

click
Edit
to

modify

it.
The
Action

configuration

window

appears.
Step
7
In
the

Id
field

of

the

Action

configuration

window,

either

accept

the
automatically
incremented

entry

or
assign
a

unique

identifier

for

this

action.
Step
8
In
the

Action

Type

field,

specify

the

action

to

be
taken
for
this

rule:


Deny—The
ACE

is

to

deny

the

specified
FTP
command

when

this

rule

is

met.
Match
Condition
Match
condition

to

use

for

this

traffic

policy.
Do
the

following:
a.
In
the

Match

Condition
Name
field,
enter

a

name

for
this
match
condition.

Valid

entries

are
unquoted
text

strings

with

no

spa

ces

and

a

maximum

of

64

al

phanumeric

characters.
b.
In
the

Match

Condition
Type
field,
confirm
that

Request

Method

Name

is

selected.
c.
In
the
Request

Method

Name

field,

choose

the

FTP

command

to

be

inspected

for
this
rule.
Ta
b

l

e


14-8

describes

th

e

FTP

co

mmands

that

can

be

inspected.
Insert
Before
Order
of

the

rules

in

the

policy

map.
Do
the

following:
a.
Specify
whether

or
not
this
rule

is

to

precede
another
rule
for
this

policy

map.

Choices

are

as
follows:


N/A—This

option

is

not

configured.


Fal

se—This

rule

is

not

to

precede

another

rule

in

this

policy

map.


Tr

u

e

—This

rule

is

to

precede

another

rule

in

this

policy

map.

The

Insert

Before

Policy

Rule
field
appears.
b.
If
you

chose

True,

in

the

Insert
Before
Policy

Rule

field,

choose

the

rule

that
you
want

the

current
rule
to

precede.
Table
14-20
Layer
7

FTP

Command

Inspection

Policy

Map

Rules

(continued)
Option
Description