Configuring A Layer 3 And Layer 4 Policy Map; Associating A Layer 3 And Layer 4 Class Map With A Policy Map - Cisco 4700M Configuration Manual

Chapter 4 Configuring TCP/IP Normalization and IP Reassembly Parameters

Configuring a Layer 3 and Layer 4 Policy Map

Associating a Layer 3 and Layer 4 Class Map with a Policy Map

OL-16202-01
To remove the TCP port number match criterion from the class map, enter:
host1/C1(config-cmap)# no match port tcp eq 23
You can configure a Layer 4 traffic policy for TCP normalization, termination,
and reuse by using the policy-map command in configuration mode. The ACE
attempts to match multiple classes within a Layer 4 policy map, but can match
only one class within each feature. If a classification matches more than one class
map, then the ACE executes all the corresponding actions. However, for a specific
feature, the ACE executes only the first matching classification action. For more
information about policy maps, see the Cisco 4700 Series Application Control
Engine Appliance Administration Guide.
The syntax of this command is as follows:
policy-map multi-match name
The name argument is the identifier of the policy map. Enter an unquoted text
string with no spaces and a maximum of 64 alphanumeric characters.
For example, enter:
host1/C1(config)# policy-map multi-match TCP_POLICY
host1/C1(config-pmap)#
To remove a policy map from the configuration, enter:
host1/C1(config)# no policy-map multi-match TCP_POLICY
You can associate a Layer 4 class map with a Layer 4 policy map by using the
class command in policy-map configuration mode. The syntax of this command
is as follows:
class {name1 | class-default} [insert-before name2]
Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide
Configuring a Traffic Policy for TCP/IP Normalization and Termination
4-31