Installation guide

ManualsBrandsCisco ManualsComputer equipmentExplorer 4700

491

492

493

494

495

496

497

498

499

500

12-73

Device Manager Guide, Cisco ACE 4700 Series Application Control Engine Appliance

OL-26645-02

Chapter 12 Configuring Traffic Policies

Configuring Rules and Actions for Policy Maps

Setting Policy Map Rules and Actions for Layer 7 HTTP Deep Packet

Inspection

Use this procedure to add rules and actions for Layer 7 HTTP deep packet inspection policy maps.

Procedure

Step 1 Choose Config > Virtual Contexts > context > Expert > Policy Maps. The Policy Maps table appears.

Step 2 In the Policy Maps table, select the Layer 7 deep packet inspection policy map that you want to set rules

and actions for, and then select the Rule tab. You can select multiple policy maps (hold down the Shift

key while selecting entries) and apply common rules and actions to them.

Step 3 In the Rule table, click Add to add a new rule, or select an existing rule, and then Edit to modify it. The

Rule configuration screen appears.

Step 4 In the Type field, select the type of rule to be used:

• Class Map—Indicates that the ACE appliance is to use an existing class map that identifies the rules

and corresponding actions. Continue with Step 5.

• Match Condition—Indicates that the ACE appliance is to use a set of conditions to identify the rules

and corresponding actions. Continue with Step 7.

Step 5 For class maps, check the Use Class Default check box to use the class-default class map, or clear the

check box to use a previously created class map.

Step 6 If you clear the Use Class Default check box:

a. In the Class Map Name field, select the class map to be used.

b. In the Insert Before field, indicate whether this rule is to precede another rule in this policy map.

–

N/A—Indicates that this option is not configured.

–

False—Indicates that this rule is not to precede another rule in this policy map.

–

True—Indicates that this rule is to precede another rule in this policy map.

c. If you select True, the Insert Before Policy Rule field appears. Select the rule that you want the

current rule to precede.

Step 7 For match conditions:

a. In the Match Condition Name field enter a name for the match condition. Valid entries are unquoted

text strings with no spaces and a maximum of 64 alphanumeric characters.

b. In the Match Condition Type field, select the method by which match decisions are to be made and

their corresponding conditions. See Table 12-30 for information about these selections.