Cisco Systems VPN 3000 Add / Modify / Copy / Delete

Configuration | Policy Management | Traffic Management | Rules

13-11

VPN 3000 Concentrator Series User Guide

*For VRRP In and VRRP Out, the Destination Address is 224.0.0.18/0.0.0.0, which is the

IANA-assigned IP multicast address for VRRP.

Add / Modify / Copy / Delete

To configure a new rule, click Add. The Manager opens the Configuration | Policy Management | Traffic

Management | Rules | Add screen.

To modify a rule that has been configured, select the rule from the list and click Modify. The Manager

opens the Configuration | Policy Management | Traffic Management | Rules | Modify screen.

To copy a configured rule, modify it, and save it with a new name, select the rule from the list and click

Copy. See the Configuration | Policy Management | Traffic Management | Rules | Copy screen.

To delete a configured rule, select the rule from the list and click Delete.

•If the rule is not being used in a filter, the Manager deletes the rule, refreshes the screen, and shows

the remaining rules in the list. There is no confirmation or undo.

•If the rule is being used in a filter, the Manager asks you to confirm the deletion. See the Configuration

| Policy Management | Traffic Management | Rules | Delete screen.

•You cannot delete a rule that is configured as part of a LAN-to-LAN connection. See the Configuration

Note: Deleting a rule deletes it from every filter that uses it and deletes it from the VPN Concentrator active

configuration. To remove a rule from a filter but retain it in the active configuration, see the Configuration

| Policy Management | Traffic Management | Assign Rules to Filter screen.

Reminder: The Manager immediately includes your changes in the active configuration. To save the active

configuration and make it the boot configuration, click th e Save Needed icon at the top of the Manager

window.

Outgoing HTTPS In Inbound TCP Don’t Care HTTPS (443) Range 0-65535

Outgoing HTTPS

Out

Outbound TCP Don’t Care Range 0-65535 HTTPS (443)

PPTP In Inbound TCP Don’t Care Range 0-65535 PPTP (1723)

PPTP Out Outbound TCP Don’t Care PPTP (1723) Range 0-65535

RIP In Inbound UDP RIP (520) RIP (520)

RIP Out Outbound UDP RIP (520) RIP (520)

Telnet/SSL In Inbound TCP Don’t Care Range 0-65535 Telnet/SSL (992)

Telnet/SSL Out Outbound TCP Don’t Care Telnet/SSL (992) Range 0-65535

VRRP In * Inbound Other 112

VRRP Out * Outbound Other 112

Table 13-1: Cisco-supplied default filter rules (continued)

Filter Rule Name Direction Protocol TCP

Connection

TCP/UDP

Source Port

TCP/UDP

Destination Port

ICMP

Packet

Type