Cisco Systems ASA 5585-X User Manual

Cisco ASA Series Firewall CLI Configuration Guide
 
Chapter 6      Configuring Access Rules
Access Rules for Returning Traffic
Because EtherTypes are connectionless, you need to apply the rule to both interfaces if you want traffic 
to pass in both directions.
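
The following check is an added example, not part of the Cisco guide: it reads an ASA configuration and reports each EtherType that is permitted inbound on some interfaces but not on others, which is the one-way condition described above. The sample configuration, ACL names and the function name are constructed for illustration; the check assumes only inbound `access-group` bindings matter and ignores `deny` lines and rule order.

```python
import re
from collections import defaultdict

# Constructed sample of a transparent-mode ASA configuration (not from the guide).
SAMPLE_CONFIG = """\
access-list ETHER-MPLS ethertype permit mpls-unicast
access-list ETHER-BPDU ethertype permit bpdu
access-list WEB extended permit tcp any any eq www
access-group ETHER-MPLS in interface inside
access-group ETHER-MPLS in interface outside
access-group ETHER-BPDU in interface inside
access-group WEB in interface outside
"""

# EtherType ACL entries: access-list <name> ethertype {permit|deny} <ethertype>
ACL_RE = re.compile(r"^access-list\s+(\S+)\s+ethertype\s+(permit|deny)\s+(\S+)", re.M)
# ACL bindings: access-group <name> {in|out} interface <ifname>
GROUP_RE = re.compile(r"^access-group\s+(\S+)\s+(in|out)\s+interface\s+(\S+)", re.M)


def one_way_ethertypes(config, interfaces):
    """Return {ethertype: sorted interfaces that lack an inbound permit}.

    Simplification (assumption): deny entries and first-match order are ignored,
    so this flags missing rules, not rules shadowed by an earlier deny.
    """
    acl_permits = defaultdict(set)   # ACL name -> EtherTypes it permits
    for name, action, etype in ACL_RE.findall(config):
        if action == "permit":
            acl_permits[name].add(etype)

    permitted_on = defaultdict(set)  # EtherType -> interfaces with an inbound permit
    for name, direction, ifname in GROUP_RE.findall(config):
        if direction == "in":
            for etype in acl_permits.get(name, ()):
                permitted_on[etype].add(ifname)

    wanted = set(interfaces)
    return {etype: sorted(wanted - seen)
            for etype, seen in permitted_on.items()
            if wanted - seen}


if __name__ == "__main__":
    for etype, missing in one_way_ethertypes(SAMPLE_CONFIG, ["inside", "outside"]).items():
        print(f"{etype}: no inbound permit on {', '.join(missing)}")
```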
Allowing MPLS
If you allow MPLS, ensure that Label Distribution Protocol and Tag Distribution Protocol TCP 
connections are established through the ASA by configuring both MPLS routers connected to the ASA 
to use the IP address on the ASA interface as the router-id for LDP or TDP sessions. (LDP and TDP 
allow MPLS routers to negotiate the labels (addresses) used to forward packets.)
On Cisco IOS routers, enter the appropriate command for your protocol, LDP or TDP, in global 
configuration mode on each router. The interface argument is the router interface connected to the ASA.
router(config)# mpls ldp router-id interface force
Or
router(config)# tag-switching tdp router-id interface force
Licensing Requirements for Access Rules
Prerequisites
Before you can create an access rule, create the ACL. See the general operations configuration guide for 
more information.
Guidelines and Limitations
This section includes the guidelines and limitations for this feature.
Context Mode Guidelines
Supported in single and multiple context mode.
Firewall Mode Guidelines
Supported in routed and transparent firewall modes.
IPv6 Guidelines
Supports IPv6. The source and destination addresses can include any mix of IPv4 and IPv6 addresses.
Model         License Requirement
All models    Base License.