Cisco Router and Security Device Manager Version 2.2 User's Guide
OL-4015-08
Chapter 30 More About....

Reserved Addresses

You must not use the following addresses in the range of addresses that you specify:

• The network/subnetwork IP address.
• The broadcast address on the network.

Meanings of the Permit and Deny Keywords

Rule entries can be used in access rules, NAT rules, IPSec rules, and in access rules associated with route maps. Permit and Deny have various meanings depending on which type of rule is using them.

| Rule Type | Meaning of Permit | Meaning of Deny |
|---|---|---|
| Access rule | Allow matching traffic in or out of the interface to which the rule has been applied. | Drop matching traffic. |
| NAT rule | Translate the IP address of matching traffic to the specified inside local address or outside local address. | Do not translate the address. |
| IPSec rule (Extended only) | Encrypt traffic with matching address. | Do not encrypt traffic. Allow it to be sent unencrypted. |
| Access rule used in route map | Protect matching addresses from NAT translation. | Do not protect matching addresses from NAT translation. |

Services and Ports

This topic lists services you can specify in rules, and their corresponding port numbers. It also provides a short description of each service.

This topic is divided into the following areas:

• TCP Services
• UDP Services
• ICMP Message Types
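
A check for the Reserved Addresses rule above, as an added example that is not part of the Cisco guide: it flags an address range that includes the subnet's network or broadcast address, including on subnets that do not end on an octet boundary. The function name check_range and the sample subnets and ranges are constructed for illustration.

```python
import ipaddress


def check_range(subnet, start, end):
    """Return a list of problems with the inclusive IPv4 range start..end.

    An empty list means the range avoids both reserved addresses
    (network/subnetwork address and broadcast address) of `subnet`.
    """
    # strict=True rejects a subnet written with host bits set (e.g. 10.0.0.65/26)
    net = ipaddress.IPv4Network(subnet, strict=True)
    first = ipaddress.IPv4Address(start)
    last = ipaddress.IPv4Address(end)

    if first > last:
        return [f"start {first} is after end {last}"]

    problems = []
    for label, addr in (("start", first), ("end", last)):
        if addr not in net:
            problems.append(f"{label} {addr} is outside {net}")
    # The two reserved addresses named in the guide
    if first <= net.network_address <= last:
        problems.append(f"range includes network address {net.network_address}")
    if first <= net.broadcast_address <= last:
        problems.append(f"range includes broadcast address {net.broadcast_address}")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs: (subnet, range start, range end)
    samples = [
        ("192.168.1.0/24", "192.168.1.10", "192.168.1.50"),
        ("192.168.1.0/24", "192.168.1.0", "192.168.1.50"),
        ("10.0.0.64/26", "10.0.0.65", "10.0.0.127"),  # .127 is the /26 broadcast
        ("10.0.0.64/26", "10.0.0.60", "10.0.0.70"),
    ]
    for subnet, start, end in samples:
        result = check_range(subnet, start, end)
        print(subnet, start, end, "->", result or "OK")
```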