Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
Chapter 9 Firewall Policy
Edit Firewall Policy
The policy named clients-servers-policy contains two ACLs. The rule with the ID
1 permits TCP, UDP, and ICMP traffic from any source to any destination. The
rule with the ID 2 drops any unmatched traffic.
Adding a New Rule to a Policy
To add a new rule to a policy, complete the following steps:
Step 1 Click anywhere in the display for that policy, and click the + Add button.
To insert a rule for new traffic in the order that you want it, select an existing
rule, click the + Add button, and choose Insert or Insert After. The Insert
and Insert After options are also available from a context menu that you
display by right-clicking on an existing rule.
Choosing Rule for New Traffic automatically places the new rule at the top
of the list.
Choosing Rule for Existing Traffic allows you to select an existing class map
and modify it. It automatically places the new rule at the top of the list.
Step 2 Complete the displayed dialog. Click Add a New Rule for more information.
Adding a New Zone Policy
To add a new zone policy, complete the following steps:
Step 1 Click Add and choose New Zone Policy.
Step 2 In the Add a Rule screen, specify the source zone by clicking the button to the
right of the Source Zone field and selecting an existing zone or creating a new
zone.
[Table: firewall policy rule list. Columns: Traffic Classification, Action, Rule Options. Surviving entries: udp, icmp; rule 2: Unmatched Traffic, Drop.]