If you modify an existing ACL by adding a new rule with the same position as an existing rule, the previously existing
rule will be overwritten. The Smart Config section of the AOS-W WebUI does not prevent you from creating duplicate
rules in different positions, though this is not allowed when creating ACLs using the
Configuration>Security>Firewall Policies section of the AOS-W WebUI, or when using the ip access-list
commands in the AOS-W command-line interface.
To associate a policy based routing rule with the branch config group,
1. Navigate to Configuration>Branch>Smart Config>Routing, and select the PBR subtab .
2. Click the Route ACL name drop-down list. Select an existing route ACL, or click New to define a new ACL.
3. If you selected New in the previous step, enter a name for the new ACL, then click Add. Next, you must
define the rules for the new ACL.
4. Click the Add button below the PBR rules list, and define the following values:
Field Description
IP version Specifies whether the policy applies to IPv4 or IPv6 traffic.
Source
(required)
Source of the traffic, which can be one of the following:
n any: Acts as a wildcard and applies to any source address.
n user: This refers to traffic from the wireless client.
n host: This refers to traffic from a specific host. When this option is chosen, you must configure
the IP address of the host.
n network: This refers to a traffic that has a source IP from a subnet of IP addresses. When this
option is chosen, you must configure the IP address and network mask of the subnet.
n alias: This refers to using an alias for a host or network. You configure the alias by navigating to
the Configuration > Advanced Services > Stateful Firewall > Destination page.
Destination
(required)
Destination of the traffic, which can be configured in the same manner as Source.
Table 67: Policy Based Routing ACL Rule Parameters
AOS-W 6.5.3.x | User Guide BranchSwitch Config for Cloud Services Switches | 245
To Next Page
Loading...