4-35
Cisco 4700 Series Application Control Engine Appliance Administration Guide
OL-11157-01
Chapter 4 Configuring Class Maps and Policy Maps
Configuring Layer 3 and Layer 4 Class Maps
Defining Layer 3 and Layer 4 Classifications for Network
Management Traffic Received by the ACE
Layer 3 and Layer 4 traffic classes contain match criteria that identify the network
management traffic that can be received by the ACE. Class maps enable you to
classify network traffic based on one or more of these management protocols:
HTTP, HTTPS, ICMP, SNMP, SSH, or Telnet.
This section contains the following topics:
•
Creating a Layer 3 and Layer 4 Network Management Traffic Class Map
•
Defining Network Management Access Match Criteria
Creating a Layer 3 and Layer 4 Network Management Traffic Class Map
To create a Layer 3 and Layer 4 class map to classify the IP network management
traffic received by the ACE, use the
class-map type management
configuration
command. This command permits network management traffic by identifying the
incoming IP management protocols that the ACE can receive as well as the client
source host IP address and subnet mask as the matching criteria. A class map of
type management
provides access for one or more of the following management
protocols: HTTP, HTTPS, ICMP, SNMP, SSH, or Telnet.
A class map can have multiple
match
commands. You can configure class maps
to define multiple management protocol and source IP address commands in a
group that you then associate with a traffic policy. The
match-all
and
match-any
keywords determine how the ACE evaluates multiple match statements operations
when multiple match criteria exist in a class map.
The syntax of this command is:
class-map
type management
[
match-all
|
match-any
]
map_name