User Guide for Cisco Security Manager 4.4
Chapter 56 Configuring Service Policy Rules on Firewall Devices
Configuring Traffic Flow Objects
Related Topics
• About Service Policy Rules, page 56-1
ASA CX Auth Proxy Configuration
If you enabled ASA CX authentication proxy—on the CXSC tab during Step 3 of the Insert/Edit Service
Policy (MPC) Rule Wizard; see Step 3. Configure the MPC actions, page 56-8—and you want to use a
non-default port for active authentication, use the Add/Edit CXSC Auth Proxy Configuration dialog box
to change the ASA CX Auth Proxy Port number.
If users must be prompted for authentication credentials, the prompting is done through this port.
Note Security Manager uses “CXSC” in some places to refer to an ASA CX Security Services Processor
Navigation Path
Open the Add/Edit CXSC Auth Proxy Configuration dialog box by clicking the CXSC Auth Proxy
button below the rules table on the IPS, QoS, and Connection Rules Page, page 56-5.
Note The CXSC Auth Proxy button is available below the IPS, QoS, and Connection Rules table only in
Device view; it is not visible in Policy view.
Related Topics
• IPS, QoS, and Connection Rules Page, page 56-5
Field Reference
Configuring Traffic Flow Objects
Use the Add and Edit Traffic Flow dialog boxes to configure traffic-match definitions. These traffic-flow
definitions correspond to class maps (the class map command) in the IPS, QoS and Connection Rules
service policy for devices running the PIX 7.0+, ASA 7.0+, and FWSM 3.2+ operating systems. For
more information on configuring these rules, see Chapter 56, “Configuring Service Policy Rules on
Firewall Devices”.
Navigation Path
Select Manage > Policy Objects, then select Traffic Flows from the Object Type selector. Right-click
inside the work area and choose New Object, or right-click a row and choose Edit Object.
Table 56-4 Add/Edit CXSC Auth Proxy Configuration Dialog Box
Element Description
CXSC Auth Proxy Port The default authentication proxy TCP port is 885; however, if you
change it, you must enter a port number between 1024 and 65535.