Cisco ASA 5505 Configuration Manual page 640

Configuring Access Rules
•
In the Source field, enter an IP address that specifies the network, interface IP, or any address from which
Step 5
traffic is permitted or denied to the specified destination.
For more information about enabling IPv6 on an interface, see
In the Destination field, enter an IP address that specifies the network, interface IP, or any address to
Step 6
which traffic is permitted or denied from the source specified in the Source field.
Step 7 Select the service type.
(Optional) To add a time range to your access rule that specifies when traffic can be allowed or denied,
Step 8
click More Options to expand the list.
a.
b.
c.
d.
e.
f.
(Optional) In the Description field, add a text description about the access rule.
Step 9
The description can contain multiple lines; however, each line can be no more than 100 characters in
length.
(Optional) Logging is enabled by default. You can disable logging by unchecking the check box, or you
Step 10
can change the logging level from the drop-down list. The default logging level is Informational.
Click OK. The access rule appears with the newly configured access rules.
Step 11
Click Apply to save the access rule to your configuration.
Step 12
After you add access rules, you can click the following radio buttons to filter which access rules appear
Note
in the main pane: IPv4 and IPv6, IPv4 Only, or IPv6 Only.
Adding an EtherType Rule (Transparent Mode Only)
The EtherType Rules window shows access rules based on packet EtherTypes. EtherType rules are used
to configure non-IP related traffic policies through the adaptive security appliance when operating in
transparent mode. In transparent mode, you can apply both extended and EtherType access rules to an
interface. EtherType rules take precedence over the extended access rules.
For more information about EtherType rules, see the
page
To add an EtherType rule, perform the following steps:
Cisco ASA 5500 Series Configuration Guide using ASDM
30-8
Deny—Denies access if the conditions are matched.
To the right of the Time Range drop down list, click the browse button.
The Browse Time Range dialog box appears.
Click Add.
The Add Time Range dialog box appears.
In the Time Range Name field, enter a time range name, with no spaces.
Choose the Start Time and the End Time.
To specify additional time constraints for the time range, such as specifying the days of the week or
the recurring weekly interval in which the time range will be active, click Add, and choose the
specifications.
Click OK to apply the optional time range specifications.
30-1.
Chapter 30
Chapter 8, "Configuring Interfaces."
"Information About Access Rules" section on
Configuring Access Rules
OL-20339-01