ASDM 5.2 User Guide
Configuring EtherType Rules

Table Of Contents

Configuring EtherType Rules

EtherType Rules (Transparent Mode Only)

Add/Edit EtherType Rule


EtherType Rules (Transparent Mode Only)

The EtherType Rules window shows access rules based on packet EtherTypes. EtherType rules are used to configure non-IP related traffic policies through the security appliance when operating in transparent mode. In transparent mode, you can apply both extended and EtherType access rules to an interface. EtherType rules take precedence over the extended access rules.

Fields

Add—Adds a new EtherType rule. Choose the type of rule you want to add from the drop-down list.

Edit—Edits an EtherType rule.

Delete—Deletes an EtherType rule.

Move Up—Moves a rule up. Rules are assessed in the order they appear in this table, so the order can matter if you have overlapping rules.

Move Down—Moves a rule down.

Cut—Cuts a rule.

Copy—Copies the parameters of a rule so you can start a new rule with the same parameters using the Paste button.

Paste—Opens an Add/Edit Rule dialog box with the copied or cut parameters of the rule prefilled. You can then make any modifications and add it to the table. The Paste button adds the rule above the selected rule. The Paste After item, available from the Paste drop-down list, adds the rule after the selected rule.

The following description summarizes the columns in the EtherType Rules table. You can edit the contents of these columns by double-clicking a table cell. Double-clicking a column header sorts the table in ascending alphanumeric order, using the selected column as the sort key. If you right-click a rule, you see all of the options represented by the buttons above, as well as Insert and Insert After items. These items insert a new rule either before the selected rule (Insert) or after the selected rule (Insert After).

No—Indicates the order of evaluation for the rule.

Action—Permit or deny action for this rule.

Ethervalue—EtherType value: IPX, BPDU, MPLS-Unicast, MPLS-Multicast, or a 16-bit hexadecimal value between 0x600 (1536) and 0xffff by which an EtherType can be identified.

Interface—Interface to which the rule is applied.

Direction Applied—Direction for this rule: incoming traffic or outgoing traffic.

Description—Optional text description of the rule.
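
The ordering and value constraints described above, modeled as an added example (not ASDM or Cisco code): it validates an Ethervalue against the 0x600 to 0xffff range, evaluates an ordered table with first match winning, and flags rules that an earlier overlapping rule hides. The `Rule` tuple, function names, interface names and sample table are hypothetical; only the MPLS keywords are mapped to numbers, because the page does not say how IPX and BPDU are matched.

```python
from typing import NamedTuple, Optional

# IANA EtherType numbers for the two MPLS keywords (IPX/BPDU left out on purpose).
KEYWORDS = {"mpls-unicast": 0x8847, "mpls-multicast": 0x8848}

class Rule(NamedTuple):        # hypothetical model of one table row
    action: str                # "permit" or "deny"
    ethervalue: str            # "any", a keyword above, or hex such as "0x8863"
    interface: str
    direction: str             # "in" or "out"

def parse_ethervalue(text: str) -> Optional[int]:
    """Return the 16-bit value, or None for 'any'; reject out-of-range values."""
    key = text.strip().lower()
    if key == "any":
        return None
    if key in KEYWORDS:
        return KEYWORDS[key]
    value = int(key, 16)
    if not 0x600 <= value <= 0xFFFF:
        raise ValueError(f"{text}: must be between 0x600 and 0xffff")
    return value

def evaluate(rules, interface, direction, ethertype):
    """First matching rule wins; returns (rule number, action) or None."""
    for no, r in enumerate(rules, start=1):
        if (r.interface, r.direction) != (interface, direction):
            continue
        want = parse_ethervalue(r.ethervalue)
        # 'any' only covers 0x600-0xffff; smaller values are 802.3 length fields.
        if (want is None and ethertype >= 0x600) or want == ethertype:
            return no, r.action
    return None

def shadowed(rules):
    """Numbers of rules that can never match because an earlier rule covers them."""
    hidden = []
    for i, later in enumerate(rules):
        scope, val = (later.interface, later.direction), parse_ethervalue(later.ethervalue)
        for earlier in rules[:i]:
            e = parse_ethervalue(earlier.ethervalue)
            if (earlier.interface, earlier.direction) == scope and (e is None or e == val):
                hidden.append(i + 1)
                break
    return hidden

# Constructed sample table: rule 2 is hidden by the broader rule 1.
SAMPLE = [Rule("permit", "any", "inside", "in"),
          Rule("deny", "0x8863", "inside", "in"),
          Rule("deny", "mpls-unicast", "outside", "in")]
```

Running `shadowed()` over an exported rule list before and after a Move Up or Move Down shows whether the reorder changed which rule actually decides a given EtherType.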

Modes

The following table shows the modes in which this feature is available:

Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System


Add/Edit EtherType Rule

The Add/Edit EtherType Rules dialog box lets you add or edit an EtherType rule.

Fields

Action—Permit or deny action for this rule.

Interface—Interface name for this rule.

Apply rule to—Direction for this rule: incoming traffic or outgoing traffic.

Ethervalue—EtherType value: BPDU, IPX, MPLS-Unicast, MPLS-Multicast, any (any value between 0x600 and 0xffff), or a 16-bit hexadecimal value between 0x600 (1536) and 0xffff by which an EtherType can be identified.

Description—Optional text description of the rule.

Modes

The following table shows the modes in which this feature is available:

Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System