Cisco ASA 5510 Adaptive Security Appliance Technical Manual

XML Examples for the Cisco Application Centric Infrastructure Security Device Package
 
                <vnsRsNodeToMFunc tDn="uni/infra/mDev-CISCO-ASA-1.0.1.43/mFunc-Firewall"/>
            </vnsAbsNode>
            <vnsAbsTermNodeProv name = "Output1">
                <vnsAbsTermConn name = "C6">
                </vnsAbsTermConn>
            </vnsAbsTermNodeProv>
            <vnsAbsConnection name = "CON1">
                <vnsRsAbsConnectionConns tDn="uni/tn-tenant1/AbsGraph-WebGraph/AbsTermNodeCon-Input1/AbsTConn" />
                <vnsRsAbsConnectionConns tDn="uni/tn-tenant1/AbsGraph-WebGraph/AbsNode-FW1/AbsFConn-external" />
            </vnsAbsConnection>
            <vnsAbsConnection name = "CON2">
                <vnsRsAbsConnectionConns tDn="uni/tn-tenant1/AbsGraph-WebGraph/AbsNode-FW1/AbsFConn-internal" />
                <vnsRsAbsConnectionConns tDn="uni/tn-tenant1/AbsGraph-WebGraph/AbsTermNodeProv-Output1/AbsTConn" />
            </vnsAbsConnection>
        </vnsAbsGraph>
    </fvTenant>
</polUni>
<polUni>
    <fvTenant name="tenant1">
        <vzBrCP name="webCtrct">
            <vzSubj name="http">
                <vzRsSubjGraphAtt tnVnsAbsGraphName="WebGraph"/>
            </vzSubj>
        </vzBrCP>
    </fvTenant>
</polUni>
Access Lists and Associated Access Groups
This XML example creates an access list and assigns it to an access group associated with an existing 
interface.
ASA Configuration
access-list ACL2 extended deny ip any any
access-list ACL2 extended permit icmp any any
access-list ACL1 extended permit tcp any any eq ssh 
access-list ACL1 extended permit tcp any any eq https
access-group ACL2 in interface externalIf
access-group ACL1 out interface internalIf
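The ASA evaluates the entries of an access list top-down and applies the first one that matches, so the order of the lines above decides what traffic is permitted. The following check is an added example, not part of the Cisco manual: it parses the configuration as listed on this page and reports any entry that an earlier entry in the same access list already covers. The parser is a simplification that assumes `any any` addressing with an optional `eq <port>`, which is all this sample uses.

```python
# Added example: first-match shadow check for ASA extended ACLs.
# Simplification (assumption): only "any any" source/destination and an
# optional "eq <port>" are modelled, which is all the page's sample uses.
from collections import defaultdict

# The ASA configuration from this page, in the order listed.
PAGE_CONFIG = """\
access-list ACL2 extended deny ip any any
access-list ACL2 extended permit icmp any any
access-list ACL1 extended permit tcp any any eq ssh
access-list ACL1 extended permit tcp any any eq https
access-group ACL2 in interface externalIf
access-group ACL1 out interface internalIf
"""

def parse_aces(config):
    """Return {acl_name: [(action, protocol, port_or_None), ...]} in order."""
    acls = defaultdict(list)
    for line in config.splitlines():
        tok = line.split()
        if len(tok) >= 7 and tok[0] == "access-list" and tok[2] == "extended":
            if tok[5:7] != ["any", "any"]:
                raise ValueError("only 'any any' is modelled: " + line)
            port = tok[8] if len(tok) >= 9 and tok[7] == "eq" else None
            acls[tok[1]].append((tok[3], tok[4], port))
    return dict(acls)

def covers(earlier, later):
    """True if every packet matching `later` also matches `earlier`."""
    _, e_proto, e_port = earlier
    _, l_proto, l_port = later
    proto_ok = e_proto == "ip" or e_proto == l_proto  # "ip" matches any protocol
    port_ok = e_port is None or e_port == l_port
    return proto_ok and port_ok

def shadowed(config):
    """List (acl, index, ace, blocking_ace) for ACEs that can never match."""
    findings = []
    for name, aces in parse_aces(config).items():
        for i, ace in enumerate(aces):
            for prev in aces[:i]:
                if covers(prev, ace):
                    findings.append((name, i, ace, prev))
                    break
    return findings

if __name__ == "__main__":
    for name, i, ace, prev in shadowed(PAGE_CONFIG):
        print(f"{name} entry {i + 1} {ace} is shadowed by {prev}")
```

With the lines in the order shown, the check flags the `permit icmp any any` entry of ACL2, because the preceding `deny ip any any` already matches all IP traffic.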
XML Example
<polUni>
    <fvTenant name="tenant1">
        <vnsAbsGraph name = "WebGraph">
            <vnsAbsNode name = "FW1">