Chapter 32 ACL Editor
Rules Windows
32-14
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
What Permit and Deny do depends on the type of rule in which they are used. In
Cisco SDM, extended rule entries can be used in access rules, NAT rules, IPSec
rules, and access lists associated with route maps. Click Meanings of the Permit
and Deny Keywords to learn more about the action of Permit and the action of
Deny in the context of a specific type of rule.
Source Host/Network
The source IP address criteria that the traffic must match. The fields in this area
of the window change, based on the value of the Type field.
Type
Select one of the following:
A specific IP address. This can be a network address, or the address of a
specific host.
A host name.
Any IP address.
IP Address
If you selected A specific IP address, enter the IP address in this field. If the
address you enter is a network address, enter a wildcard mask to specify the parts
of the network address that must be matched.
Mask
If you selected A specific IP address, either select the wildcard mask from this
list, or enter a custom wildcard mask. A binary 0 in a wildcard mask means that
the corresponding bit in the packet’s IP address must match exactly. A binary 1 in
a wildcard mask means that the corresponding bit in the packet’s IP address need
not match.
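The wildcard-mask matching rule described above, as an added Python example that is not part of the Cisco SDM guide. All addresses are constructed sample values and the function names are hypothetical; the example also checks for a subnet mask entered where a wildcard mask is expected, which silently changes what the entry matches.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF

def _to_int(addr: str) -> int:
    return int(ipaddress.IPv4Address(addr))

def wildcard_match(packet_ip: str, rule_ip: str, wildcard: str) -> bool:
    """True if packet_ip matches rule_ip under the wildcard mask.

    Wildcard bit 0: the packet bit must equal the rule bit.
    Wildcard bit 1: the packet bit need not match.
    """
    care = ~_to_int(wildcard) & ALL_ONES  # bits that must match exactly
    return (_to_int(packet_ip) & care) == (_to_int(rule_ip) & care)

def wildcard_from_netmask(netmask: str) -> str:
    """Invert a subnet mask (255.255.255.0) into a wildcard mask (0.0.0.255)."""
    return str(ipaddress.IPv4Address(~_to_int(netmask) & ALL_ONES))

def looks_like_netmask(mask: str) -> bool:
    """Flag a mask made of leading 1 bits followed by 0 bits.

    That shape is a subnet mask, not a wildcard mask. 0.0.0.0 (single host)
    and 255.255.255.255 (any address) are valid wildcards and are not flagged.
    """
    m = _to_int(mask)
    inv = ~m & ALL_ONES
    return m not in (0, ALL_ONES) and (inv & (inv + 1)) == 0

if __name__ == "__main__":
    # Constructed entry: network 10.1.1.0 with wildcard 0.0.0.255.
    print(wildcard_match("10.1.1.77", "10.1.1.0", "0.0.0.255"))      # inside
    print(wildcard_match("10.1.2.77", "10.1.1.0", "0.0.0.255"))      # outside
    # Non-contiguous wildcard: third octet ignored, the rest must match.
    print(wildcard_match("10.1.42.5", "10.1.0.5", "0.0.255.0"))
    # Subnet mask typed as the wildcard: only the last octet is compared,
    # so an unrelated address matches and the intended host does not.
    print(wildcard_match("192.0.2.0", "10.1.1.0", "255.255.255.0"))
    print(wildcard_match("10.1.1.77", "10.1.1.0", "255.255.255.0"))
    print(looks_like_netmask("255.255.255.0"),
          wildcard_from_netmask("255.255.255.0"))
```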
Hostname
If you selected A host name in the Type field, enter the name of the host.
Destination Host/Network
The destination IP address criteria that the traffic must match. The fields in this area
of the window change, based on the value of the Type field.