Cisco Cisco Firepower Management Center 4000

 for more information on how the system omits invalid configurations from the access 

control policies applied to target devices. 

Admin/Access Admin/Network Admin

Select the 

 tab on the rule Edit page.

The Ports page appears.

Optionally, click the 

 prompt above the 

 list, then type a name or 

value.

The list updates as you type to display matching conditions. See 

 

for more information.

Click a condition in the 

 list. Use the Shift and Ctrl keys to select multiple conditions, or 

right-click to select all conditions. Note that you can add a maximum of 50 conditions.

Conditions you select are highlighted.

You have the following choices:

Click 

 to add the selected port to the Source Ports list.

Click 

 to add the selected port to the Destination Ports list.

Drag and drop available ports into a list.

Optionally, to create and add an individual port object click the add icon (

) above the 

 

list.

You can identify a single port in each port object that you add. You can then select objects you added as 
conditions for your rule. See 

 and 

 for more information.

Optionally, to add a literal port select an entry from the 

 drop-down list beneath the 

 or 

 list. 

If you select 

TCP

, 

UDP

 or, for destination ports, 

All

, enter a port, if needed; then click 

. For destination 

ports, if you select 

ICMP

 or 

IPv6-ICMP

, a pop-up window appears where you select a type and a related 

code, if needed, then click 

. You can specify a single port with a value from 0 to 65535.

Conditions you selected are added, as long as you add ports with protocols that do not conflict with ports 
already added. 

Save or continue editing the rule.

You must apply the access control policy for your changes to take effect; see 

.

URL Filtering

Series 3, Virtual, X-Series, ASA FirePOWER

feature dependent