Cisco ACE-4710-K9 Administration Guide - Page 161
Specifying Layer 3 and Layer 4 Policy Actions
View all Cisco ACE-4710-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 161 highlights
Chapter 4 Configuring Class Maps and Policy Maps Configuring a Layer 3 and Layer 4 Policy Map The syntax of the class command with the optional insert-before keyword is: class map_name1 insert-before map_name2 When you use this command, the ACE places the current class map (as specified by the map_name1 argument) ahead of an existing class map (as specified by the map_name2 argument). For example, to define the sequential order of two class maps in the policy map, enter: host1/Admin(config-pmap-c)# class L4_HTTP_APP_INSPECTION_CLASS insert-before L4_SLB_VIP_CLASS To specify the class-default class map for the Layer 3 and Layer 4 traffic policy, use the class class-default command in policy map configuration mode. All network traffic that fails to meet the other matching criteria in the named class map belongs to the default traffic class. If none of the specified classifications match, the ACE then matches the action specified under the class class-default command. The class-default class map has an implicit match any statement in it and is used to match any traffic classification. When you use this command, you will access policy map class configuration mode. For example, to use the class class-default command, enter: host1/Admin(config-pmap)# class class-default host1/Admin(config-pmap-c)# loadbalance vip replicate-connections Specifying Layer 3 and Layer 4 Policy Actions To allow the network management traffic listed in the Layer 3 and Layer 4 class map to be received or rejected by the ACE, specify either the permit or deny command in policy map class configuration mode. • Use the permit command in policy map class configuration mode to allow the remote network management protocols listed in the class map to be received by the ACE. • Use the deny command in policy map class configuration mode to refuse the remote network management protocols listed in the class map to be received by the ACE. OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 4-47