Chapter 9 Firewall Policy
Edit Firewall Policy/ACL
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
Cut button: Click to remove a chosen access rule entry. The entry is placed on the clipboard and can be pasted to another position in the list, or it can be pasted to another access rule. If you want to reorder an entry, you can cut the entry from one location, choose an entry before or after the location that you want for the cut entry, and click Paste. The Paste context menu allows you to place the entry before or after the entry you chose.

Copy button: Choose a rule entry and click to put the rule entry on the clipboard.

Paste button: Click to paste an entry on the clipboard to the chosen rule. You will be prompted to specify whether you want to paste the entry before or after the currently chosen entry. If Cisco SDM determines that an identical entry already exists in the access rule, it displays the Add an Extended Rule Entry window so that you can modify the entry. Cisco SDM does not allow duplicate entries in the same access rule.

Interface drop-down list: If the chosen traffic flow (Originating or Returning) contains an access rule on both the From interface and the To interface, you can use this list to toggle between the two rules.

If the chosen traffic flow does not have a firewall applied, you can apply a firewall by choosing Originating traffic and clicking the Apply Firewall button. By default, clicking Apply Firewall will associate a Cisco SDM-default inspection rule to the inbound direction of the From interface, and will associate an access rule to the inbound direction of the To interface that denies traffic. If the Cisco IOS image that the router is using does not support the Firewall feature, this button is disabled. For example, to apply a firewall that protects the network connected to the Ethernet 0 interface from traffic entering the Ethernet 1 interface, choose Ethernet 0 from the From drop-down list, and Ethernet 1 from the To drop-down list. Then click Apply Firewall. If you want to apply a firewall that protects the network connected to the Ethernet 1 interface from traffic entering the Ethernet 0 interface, go to Additional Tasks > ACL Editor > Access Rules.
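
The following check is an added example, not part of the Cisco guide or of Cisco SDM. It audits a running configuration for the layout described above (an inspection rule inbound on the From interface, an access rule with a deny entry inbound on the To interface) and flags duplicate entries in that access rule. It assumes the rules appear as `ip inspect` and numbered `access-list` commands; the rule name FW_DEMO, ACL number 101 and the sample configuration are constructed.

```python
import re

# Constructed running-config excerpt; FW_DEMO and ACL 101 are placeholder names.
SAMPLE = """\
ip inspect name FW_DEMO tcp
interface Ethernet0
 ip inspect FW_DEMO in
interface Ethernet1
 ip access-group 101 in
access-list 101 permit tcp any host 192.0.2.10 eq 443
access-list 101 deny ip any any
"""

def interface_cmds(config):
    """Map each interface name to the list of its indented sub-commands."""
    out, cur = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            cur = line.split(None, 1)[1].strip()
            out[cur] = []
        elif line.startswith(" ") and cur is not None:
            out[cur].append(line.strip())
        else:
            cur = None
    return out

def bound(cmds, pattern):
    """Name bound by the first command matching pattern, or None."""
    hits = [m.group(1) for c in cmds if (m := re.fullmatch(pattern, c))]
    return hits[0] if hits else None

def check_firewall(config, from_if, to_if):
    """Findings for one From/To pair; an empty list means the layout matches."""
    ifs, findings = interface_cmds(config), []
    rule = bound(ifs.get(from_if, []), r"ip inspect (\S+) in")
    if rule is None:
        findings.append(f"{from_if}: no inbound inspection rule")
    elif not re.search(rf"^ip inspect name {re.escape(rule)} ", config, re.M):
        findings.append(f"{from_if}: inspection rule {rule} is not defined")
    acl = bound(ifs.get(to_if, []), r"ip access-group (\S+) in")
    if acl is None:
        findings.append(f"{to_if}: no inbound access rule")
        return findings
    pattern = rf"^access-list {re.escape(acl)} (.+)$"
    entries = [" ".join(e.split()) for e in re.findall(pattern, config, re.M)]
    if not any(e.startswith("deny ") for e in entries):
        findings.append(f"{to_if}: access rule {acl} has no deny entry")
    for e in sorted({e for e in entries if entries.count(e) > 1}):
        findings.append(f"{to_if}: access rule {acl} has duplicate entry: {e}")
    return findings
```

Named access lists (`ip access-list extended`) are outside what this check parses.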