Cisco ASA 5505 Configuration Manual page 1294

Configuring IPsec
Creating IPsec Rule/Traffic Selection Tab
This pane lets you define what traffic to protect (permit) or not protect (deny).
Fields
•
•
•
•
•
•
Cisco ASA 5500 Series Configuration Guide using ASDM
63-14
Action—Specify the action for this rule to take. The selections are protect and do not protect.
Source—Specify the IP address, network object group or interface IP address for the source host or
network. A rule cannot use the same address as both the source and destination. Click ... to launch
the Browse Source dialog box that contains the following fields:
Add/Edit—Choose IP Address or Network Object Group to add more source addresses or
–
groups.
Delete—Click to delete an entry.
–
Filter—Enter an IP Address to filter the results displayed.
–
Name—Indicates that the parameters that follow specify the name of the source host or network.
–
IP Address—Indicates that the parameters that follow specify the interface, IP address, and
–
subnet mask of the source host or network.
Netmask—Chooses a standard subnet mask to apply to the IP address. This parameter appears
–
when you choose the IP Address option button.
Description—Enter a description.
–
Selected Source—Click Source to include the selected entry as a source.
–
Destination—Specify the IP address, network object group or interface IP address for the
destination host or network. A rule cannot use the same address as both the source and destination.
Click ... to launch the Browse Destination dialog box that contains the following fields:
Add/Edit—Choose IP Address or Network Object Group to add more destination addresses or
–
groups.
Delete—Click to delete an entry.
–
Filter—Enter an IP Address to filter the results displayed.
–
Name—Indicates that the parameters that follow specify the name of the destination host or
–
network.
IP Address—Indicates that the parameters that follow specify the interface, IP address, and
–
subnet mask of the destination host or network.
Netmask—Chooses a standard subnet mask to apply to the IP address. This parameter appears
–
when you choose the IP Address option button.
Description—Enter a description.
–
Selected Destination—Click Destination to include the selected entry as a destination.
–
Service—Enter a service or click ... to launch the browse service dialog box where you can choose
from a list of services.
Description—Enter a description for the Traffic Selection entry.
More Options
Enable Rule—Click to enable this rule.
–
Source Service—Enter a service or click ... to launch the browse service dialog box where you
–
can choose from a list of services.
Time Range—Define a time range for which this rule applies.
–
Chapter 63 Configuring IKE, Load Balancing, and NAC
OL-20339-01