63-14
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 63 Configuring IKE, Load Balancing, and NAC
Configuring IPsec
Creating IPsec Rule/Traffic Selection Tab
This pane lets you define what traffic to protect (permit) or not protect (deny).
Fields
• Action—Specify the action for this rule to take. The selections are protect and do not protect.
• Source—Specify the IP address, network object group or interface IP address for the source host or
network. A rule cannot use the same address as both the source and destination. Click ... to launch
the Browse Source dialog box that contains the following fields:
–
Add/Edit—Choose IP Address or Network Object Group to add more source addresses or
groups.
–
Delete—Click to delete an entry.
–
Filter—Enter an IP Address to filter the results displayed.
–
Name—Indicates that the parameters that follow specify the name of the source host or network.
–
IP Address—Indicates that the parameters that follow specify the interface, IP address, and
subnet mask of the source host or network.
–
Netmask—Chooses a standard subnet mask to apply to the IP address. This parameter appears
when you choose the IP Address option button.
–
Description—Enter a description.
–
Selected Source—Click Source to include the selected entry as a source.
• Destination—Specify the IP address, network object group or interface IP address for the
destination host or network. A rule cannot use the same address as both the source and destination.
Click ... to launch the Browse Destination dialog box that contains the following fields:
–
Add/Edit—Choose IP Address or Network Object Group to add more destination addresses or
groups.
–
Delete—Click to delete an entry.
–
Filter—Enter an IP Address to filter the results displayed.
–
Name—Indicates that the parameters that follow specify the name of the destination host or
network.
–
IP Address—Indicates that the parameters that follow specify the interface, IP address, and
subnet mask of the destination host or network.
–
Netmask—Chooses a standard subnet mask to apply to the IP address. This parameter appears
when you choose the IP Address option button.
–
Description—Enter a description.
–
Selected Destination—Click Destination to include the selected entry as a destination.
• Service—Enter a service or click ... to launch the browse service dialog box where you can choose
from a list of services.
• Description—Enter a description for the Traffic Selection entry.
• More Options
–
Enable Rule—Click to enable this rule.
–
Source Service—Enter a service or click ... to launch the browse service dialog box where you
can choose from a list of services.
–
Time Range—Define a time range for which this rule applies.
To Next Page
Loading...
