Technical Documentation

• Downloads
• Example: Configuring Policy-Based Routing (NSM Procedure)    

• Related Topics
• Configuring Virtual Routers Overview
• Virtual Router General Properties Overview
• Access List Overview
• Route Maps Overview
• IRDP Support Overview
• Policy-Based Routing Overview
• Disabling IRDP
• Example: Configuring Access Lists (NSM Procedure)

Example: Configuring Policy-Based Routing (NSM Procedure)

To configure policy-based routing for a security device:

1. In the NSM navigation tree, select Device Manager > Devices.
2. Select a security device and then double-click the device on which you want to define forced timeout. The device configuration appears.
3. In the device navigation tree, select Network > Virtual Router.
4. Click New to view the configuration page.
5. In the virtual router navigation tree, select access list and configure the options for access list 10:
   • Extended ACL ID: 10
   • Sequence Number: 1
   • Source IP Address/Netmask: 172.18.1.10/32
   • Destination Port: 80-80
   • Protocol: TCP
   • Click OK to return to the access lists.
6. Click New to configure a second entry for access list 10 and configure the following options:
   • Extended ACL ID: 10
   • Sequence Number: 2
   • Source IP Address/Netmask: 172.18.2.10/32
   • Destination Port: 443-443
   • Protocol: TCP
7. In the virtual router navigation tree, select Policy-based, and click New in the Match Group tab to configure the match group:
   • Match Group Name: left_router
   • Sequence Number: 1
   • Extended ACL: Select 10 from the drop down list.
8. In the virtual router navigation tree, select Policy-based, and click New in the Action Group tab to view the configuration page.
9. In the virtual router navigation tree, select Policy-based, and click New in the Policy tab to view the configuration page. Each PBR policy needs to have a unique name.
10. Use the policy binding tabs in the configuration page to bind policies.