Modifying the Association of SDG Details and Service Components for a Service Policy Filter
From the Policy & Filters page, which displays all the previously configured service policy filters, you can modify the components or the parameter types that are associated with a particular service filter. You must lock the service policy filters for which you want to modify the attached service components or attributes before you can update the settings. You can also select a different SDG to which the service policy filter must be applied.
To modify the association of SDGs and service components for a service policy filter, such as a stateful firewall service, or a carrier-grade NAT service policy:
- From the View selector, select Service View. The workspaces that are applicable to edge services are displayed.
- Select All Network from the Service View pane. You can modify the association of SDGs with service policies, only if you select the All Network label in the View pane. If you expand the All Network tree and select an SDG group or an SDG in a redundancy pair, you cannot modify the association of service policies and rules with SDGs in a single-shot, one-step operation.
- From the Junos Space user interface, click the Deploy icon on the Edge Services Director banner.
The functionalities that you can configure in this mode are displayed in the task pane.
- From the View pane, select the All Network item in Gateway view. Click the plus sign (+) beside the All Network item in the View pane to expand the tree and select the device node you want.
- Select Policy & Filters from the task pane.
The Service Edit page is displayed.
- Click the plus sign (+) next to Policy & Filters to
expand the tree in the task pane and view the list of filter templates.
Do one of the following:
Select CGNAT to open the Service Edit > CGNAT page on the right pane.
Select SFW to open the Service Edit > SFW page on the right pane.
The following fields are displayed on this page:
Table 1: Services – CGNAT and SFW Page
Name of the configured service template instance
Junos OS release number that represents a particular revision of the software that runs on a Juniper Networks routing platform, for example, Junos OS Release 8.5, 9.1, or 9.2. Each Junos OS release has certain new features that complement the software processes that support Internet routing protocols, control the device’s interfaces and the device chassis itself, and allow device system management.
Name of the SDG group
Hostname of the SDG with which the service instance is associated.
Name of the applications protocols created for the service template.
Name of the application sets created for the service template.
Name of the stateful firewall rules created for the service instance.
SFW Rule Sets
Name of the stateful firewall rule sets created for the service template.
Name of the CGNAT pool created for the service template.
Name of the CGNAT rules created for the service instance.
NAT Rule Sets
Name of the CGNAT rule sets created for the service template.
Name of the syslog created for the service template.
Name of the deployment plan with which the service template is attached.
- From the Term Name drop-down list, select the rule term that must be assigned to the service policy filter, such as CGNAT or stateful firewall service policies.
- From the Host Name drop-down list, select the hostname
of the SDG.
The modified association is saved.
You can use the Actions menu in the Service Template pages for CGNAT, SFW, and packet filters to publish, unpublish, export, and restore the defined polices or filters. For details, see Using the Actions Menu in the Service Template Page.