Filter
Top Products
17-14
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 17 Managing Firewall Inspection Rules
Inspection Rules Page
The following table describes the options presented on page 2 of the Inspect/Application FW Rule
Wizard after you have selected Default Protocol Ports and Limit inspection between source and
destination IP addresses on the first page of the wizard, and when you select Source and Destination
Address and Port on the first page. The first page of the wizard is described in Add or Edit
Inspect/Application FW Rule Wizard, page 17-10.
Ports The port(s) used by the traffic you want to inspect. Valid values range
from 1 to 65535.
• Single—Specify one port number only.
• Range—Specify a range of ports, for example, 10000-11000.
When configuring custom ports, be aware that port ranges might
not be supported on all platforms or OS versions. Any conflicts are
identified during policy validation, not while you are editing this
rule.
Tip If you specify a port or port range that conflicts with a
pre-defined port mapping, the device does not allow the port to
be remapped.
Table 17-3 Add and Edit Inspect/Application FW Rule Wizard Step 2: Protocol and Port Page
Element Description
Table 17-4 Add and Edit Inspect/Application FW Rule Wizard Step 2: Action, Sources,
Destinations, and Services Page
Element Description
Action Whether you are identifying traffic that should be inspected based on
the conditions set. Typically, you will create Permit rules.
• Permit—Identifies traffic that will be inspected.
• Deny—Exempts the traffic from inspection. Your access rules will
determine if the traffic is allowed or blocked.