Cisco Cisco Expressway Maintenance Manual
The switch to control whether or not these rules are engaged on the default zone is on the Configuration > Zones >
Zones > DefaultZone page. See
Zones > DefaultZone page. See
Field
Description
Usage tips
Name
The name assigned to the rule.
Description An optional free-form description of the rule.
Priority
Determines the order in which the rules are applied if the
certificate names match multiple rules. The rules with the
highest priority (1, then 2, then 3 and so on) are applied first.
Multiple rules with the same priority are applied in
configuration order.
certificate names match multiple rules. The rules with the
highest priority (1, then 2, then 3 and so on) are applied first.
Multiple rules with the same priority are applied in
configuration order.
Pattern
type
type
The way in which the Pattern string must match the Subject
Common Name or any Subject Alternative Names contained
within the certificate.
Common Name or any Subject Alternative Names contained
within the certificate.
Exact: the entire string must exactly match the name,
character for character.
character for character.
Prefix: the string must appear at the beginning of the name.
Suffix: the string must appear at the end of the name.
tool
(Maintenance > Tools > Check
pattern).
pattern).
Pattern
string
string
The pattern against which the name is compared.
Action
The action to take if the certificate matches this access rule.
Allow: allows the external system to connect via the Default
Zone.
Zone.
Deny: rejects any connection requests received from the
external system.
external system.
State
Indicates if the rule is enabled or not.
Use this setting to test configuration
changes, or to temporarily disable
certain rules. Any disabled rules still
appear in the rules list but are
ignored.
changes, or to temporarily disable
certain rules. Any disabled rules still
appear in the rules list but are
ignored.
Table 5 Default Zone Access Rule Parameters
Configuring Zones
The Zones page (Configuration > Zones > Zones) lists all the zones that have been configured on the Expressway,
and lets you create, edit and delete zones.
and lets you create, edit and delete zones.
It also displays the zone's H.323 or SIP connection status:
■
Off: the protocol is disabled at either the zone or system level
■
Active: the protocol is enabled for that zone and it has at least one active connection; if multiple connections
are configured and some of those connections have failed, the display indicates how many of the connections
are Active
are configured and some of those connections have failed, the display indicates how many of the connections
are Active
■
On: applies to DNS and ENUM zones only and indicates that the protocol is enabled for that zone
102
Cisco Expressway Administrator Guide