Configuring Access Rules
This chapter describes how to control network access through the adaptive security appliance using
access rules, and it includes the following sections:
• Information About Access Rules
• Licensing Requirements for Access Rules
• Guidelines and Limitations
• Default Settings
• Configuring Access Rules
• Feature History for Access Rules

Note
You use access rules to control network access in both routed and transparent firewall modes. In
transparent mode, you can use both access rules (for Layer 3 traffic) and EtherType rules (for Layer 2
traffic).
To access the adaptive security appliance interface for management access, you do not also need an
access rule allowing the host IP address. You only need to configure management access according to
Chapter 32, "Configuring Management Access."

Information About Access Rules
Your access policy is made up of one or more access rules and/or EtherType rules per interface or
globally for all interfaces.
You can use access rules in routed and transparent firewall mode to control IP traffic. An access rule
permits or denies traffic based on the protocol, a source and destination IP address or network, and
optionally the source and destination ports.
For transparent mode only, an EtherType rule controls network access for non-IP traffic. An EtherType
rule permits or denies traffic based on the EtherType.
This section includes the following topics:
• General Information About Rules
• Information About Access Rules
• Information About EtherType Rules

Chapter 30, Cisco ASA 5500 Series Configuration Guide using ASDM, OL-20339-01