Cisco Systems CL-28826-01 Security Camera User Manual


  Open as PDF
of 2616
 
14-11
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 14 Managing TrustSec Firewall Policies
Configuring TrustSec Firewall Policies
(Policy view) Select TrustSec > SXP Connection Peers from the Policy selector. Select an existing
policy or create a new one.
To add an entry, click the Add Row (+) button.
To edit an entry, select it and click the Edit Row (pencil) button.
Related Topics
About Speaker and Listener Roles, page 14-6
Prerequisites for Integrating an ASA with Cisco TrustSec, page 14-6
Field Reference
Table 14-2 Identity Options Advanced Tab
Element Description
Peer IP Address The IPv4 or IPv6 address of the SXP peer. The peer IP address must be
reachable from the ASA outgoing interface.
You can enter an IP address or the name of a network/host object, or
click Select to select the object from a list or to create a new one.
Source IP Address (Optional) The local IPv4 or IPv6 address of the SXP connection.
Specifying the source IP address is optional, however, specifying it
safeguards misconfiguration.
You can enter an IP address or the name of a network/host object, or
click Select to select the object from a list or to create a new one.
Note You cannot configure the Source IP Address and Peer IP
Address with the same address. Also, you cannot use an IPv4
address with one field and an IPv6 address with the other.
Password Whether to use the authentication key for the SXP connection. Select
from the following values:
default—Use the default password configured for SXP
connections. See Defining SXP Connection Peers, page 14-9.
none—Do not use a password for the SXP connection.
Mode The mode of the SXP connection. Select from the following values:
local—Use the local SXP device.
peer—Use the peer SXP device.
Role Whether the ASA functions as a Speaker or Listener for the SXP
connection:
listener—The ASA can receive IP-SGT mappings from
downstream devices.
speaker—The ASA can forward IP-SGT mappings to upstream
devices.
See About Speaker and Listener Roles, page 14-6.
 previous next