A SERVICE OF

logo

Open as PDF
next previous
16-16
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 16 Managing Firewall Access Rules
Configuring Access Rules
Navigation Path
To access the Advanced dialog box:
In the Add and Edit Access Rule Dialog Boxes, page 16-13, click the Advanced button.
To access one of the Edit options dialog boxes:
Right-click the Options or Expiration Date cell in an access rule (on the Access Rules Page,
page 16-9) and choose the related Edit command. To change the rule direction, right-click the Dir.
cell and choose the opposite direction (in or out).
If you select multiple rows, your changes replace those options for all selected rules.
Related Topics
Configuring Access Rules, page 16-7
Editing Rules, page 12-9
Understanding Access Rules, page 16-1
Chapter 16, “Managing Firewall Access Rules”
Configuring Time Range Objects, page 6-66
Field Reference
Table 16-3 Advanced Dialog Box
Element Description
Enable Logging (PIX, ASA,
FWSM)
Whether to generate syslog messages for the rule entries (also known
as access-control entries, or ACEs), for PIX, ASA, and FWSM devices.
When selected, these additional options are enabled:
Default Logging—Use the default logging behavior. If a packet is
denied, message 106023 is generated. If a packet is permitted, no
syslog message is generated. The default logging interval is 300
seconds.
Per ACE Logging—Configure logging specific to this entry.
Choose the logging Level you want to use to log events for the
ACE, and provide a logging Interval, which can range from 1 to
600 seconds. Syslog message 106100 is generated for the ACE.
Available logging levels:
Emergency—(0) System is unstable
Alert—(1) Immediate action is needed
Critical—(2) Critical conditions
Error—(3) Error conditions
Warning—(4) Warning conditions
Notification—(5) Normal but significant condition
Informational—(6) Informational messages only
Debugging—(7) Debugging messages
Note You can change the firewall and IOS logging options for an
existing rule in the table on the Access Rules Page, page 16-9
by right-clicking the Options cell and choosing Edit Options.