Filter
Top Products
7-12
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 7 Managing FlexConfigs
Understanding FlexConfig Policies and Policy Objects
SYS_FW_MPCRULE_TRAFFI
CFLOW_
TUNNELGROUPNAME
1 Names of tunnel groups specified in Traffic Flow
objects.
Traffic Flow objects configure class-map commands
on PIX/ASA devices, and the names of the tunnel
groups listed in Traffic Flow objects populate this
variable. This variable is used by the
ASA_define_traffic_flow_tunnel_group FlexConfig
object to create tunnel groups on PIX/ASA devices.
This variable is optional.
SYS_FW_MULTICAST_PIM_
ACCEPT_ REG_ROUTEMAP
0 Route-map name used in the pim accept-register
route-map command.
Enter a name for the route-map (Platform > Multicast
> PIM > Request Filter), then configure its features
using FlexConfig to generate values for this variable.
This variable is optional.
SYS_FW_NAT0_ACL_NAMES 1 Names of ACLs used in the nat interface_name 0
access-list acl_name command.
This variable is optional.
SYS_FW_OSPF_PROCESS_ID
_LIST
1 IDs for OSPF routing processes globally configured
on PIX Firewalls, Firewall Service Modules, and ASA
devices.
Configure Platform > Routing > OSPF policies to
generate values for this variable.
SYS_FW_OSPF_REDISTRIBU
TION_ ROUTE_MAP_LIST
1 Names for the route maps to apply to the OSPF
redistribute commands configured on PIX Firewalls,
Firewall Service Modules, and ASA devices.
Configure Platform > Routing > OSPF policies to
generate values for this variable.
SYS_FW_POLICY_NAT_ACL
_NAMES
1 Names of ACLs used in the policy nat commands (nat
commands with non-0 pool id).
Configure NAT (NAT > Translation Rules > Policy
NAT) to generate values for this variable. This
variable applies to only PIX 6.3(3) and higher,
PIX/ASA 7.x, 8.0(x), 8.1(x), and 8.2(x), and FWSM
devices. This variable does not apply to Cisco IOS
routers.
This variable is optional.
Table 7-2 Firewall System Variables (Continued)
Name Dimension Description