6-59
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter6 Managing Policy Objects
Creating Access Control List Objects
Add and Edit Standard Access Control Entry Dialog Boxes
Use the Add or Edit Standard Access Control Entry dialog box to add an access control entry (ACE) or
an ACL object to a Standard ACL object.
Navigation Path
From the Add or Edit Access List Dialog Boxes, page 6-55 for Standard ACL objects, click the Add
button in the ACE table, or select a row and click the Edit button.
Related Topics
Creating Standard Access Control List Objects, page 6-51
Understanding Access Rule Address Requirements and How Rules Are Deployed, page 16-5
Understanding Networks/Hosts Objects, page 6-74
Understanding and Specifying Services and Service and Port List Objects, page 6-86
Filtering Items in Selectors, page 1-42
Field Reference
Description An optional description of the object.
Advanced button Click this button to define logging options for the entry:
For PIX, ASA, and FWSM devices, you can enable:
Default logging—If a packet is denied, message 106023 is
generated. If a packet is permitted, no message is generated.
Per ACE logging—If a packet is denied, message 106100 is
generated. You can select the logging severity level for the
messages, and the interval (in seconds from 1 to 600) for
generating messages.
For IOS devices, when you enable logging, informational messages
about packets that match the entry are sent to the console. You can
also elect to include the input interface and source MAC address or
VC in the logging output.
Table6-21 Add and Edit Extended Access Control Entry Dialog Boxes (Continued)
Element Description
Table6-22 Add and Edit Standard Access Control Entry Dialog Boxes
Element Description
Type The type of entry you are adding. The fields on the dialog box change
based on your selection.
Access Control Entry—You want to define an ACE.
ACL Objects—You want to include an existing ACL object. You
are presented with a list of available ACL objects. Select the
objects you want to include and click the >> button to move them
to the list of selected objects. You can remove an object by
selecting it and clicking <<. You can also edit objects in the
selected objects list.