Prerequisites, Guidelines and limitations, Default settings – Cisco ASA 5505 User Manual
Page 677: Configuring access rules, E the, For mor, E. (see the
 
34-7
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 34 Configuring Access Rules
Prerequisites
Prerequisites
Before you can create an access rule, create the access list. See
Chapter 15, “Adding an Extended Access
and
Chapter 16, “Adding an EtherType Access List,”
for more information.
Guidelines and Limitations
This section includes the guidelines and limitations for this feature.
Context Mode Guidelines
Supported in single and multiple context mode.
Firewall Mode Guidelines
Supported in routed and transparent firewall modes.
IPv6 Guidelines
Supports IPv6.
Per-User Access List Guidelines
•
If there is no per-user access list associated with a packet, the interface access rule is applied.
•
The per-user access list uses the value in the timeout uauth command, but it can be overridden by 
the AAA per-user session timeout value.
•
If traffic is denied because of a per-user access list, syslog message 109025 is logged. If traffic is 
permitted, no syslog message is generated. The log option in the per-user access list has no effect. 
Default Settings
See the
“Implicit Permits” section on page 34-2
.
Configuring Access Rules
To apply an access rule, perform the following steps.