ACS policy rules contain conditions and results. Before you begin to define rules for a policy, you must configure which types of conditions that policy will contain. This step is called customizing your policy. The condition types that you choose appear on the Policy page. You can apply only those types of conditions that appear on the Policy page. For information about policy conditions, see Managing Policy Conditions.
By default, a Policy page displays a single condition column for compound expressions. For information on compound conditions, see Configuring Compound Conditions.
If you have implemented Security Group Access functionality, you can also customize results for authorization policies.
Caution If you have already defined rules, be certain that a rule is not using any condition that you remove when customizing conditions. Removing a condition column removes all configured conditions that exist for that column.
To customize a policy:
Step 1 Open the Policy page that you want to customize. For:
The service selection policy, choose Access Policies > Service Selection Policy .
An access service policy, choose Access Policies > Access Services > service > policy , where service is the name of the access service, and policy is the name of the policy that you want to customize.
Step 2 In the Policy page, click Customize .
A list of conditions appears. This list includes identity attributes, system conditions, and custom conditions.
Note Identity-related attributes are not available as conditions in a service selection policy.
Step 3 Move conditions between the Available and Selected list boxes.
Step 4 Click OK
The selected conditions now appear under the Conditions column.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...