Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Viewing Policy and Filter Instances

 

To view the list of CGNAT, SFW, and packet policy or filter instances:

  1. From the View selector, select Gateway View. The workspaces that are applicable to this view are displayed.
  2. From the Junos Space user interface, click the Deploy icon on the Edge Services Director banner.

    The functionalities that you can configure in this mode are displayed in the task pane.
  3. From the task pane, select Service Edit. On the right pane, pie charts corresponding to the configured services and policy filters are displayed if you view the page without drilling-down the tree in the task pane to select a particular service or policy.
  4. Click the right arrow next to Service Edit to expand the tree in the task pane and view the list of filter instances.
  5. From the task pane, do one of the following:
    • Select ADC to open the Service Edit > ADC page on the right pane.

    • Select TLB to open the Service Edit > TLB page on the right pane.

    • Select CGNAT Policy and Filter to open the CGNAT and Filter page on the right pane.

    • Select Packet Filter to open the Packet Filter page on the right pane.

    • Select SFW Policy and Filters to open the SFW Policy and Filter page on the right pane.

  6. In the Service Edit page, from the tree that lists the SDGs, select All Service Gateways, or the SDG or SDG pair for which you want to view the previously configured policy or filter instances.

    The page is divided into three panes. The list of SDGs are displayed on the left pane. You can drill-down to the SDG or pair of SDGs for which you want to process policies or filters. The policy and filter rules are displayed in the middle pane. The right pane lists the rule and service set details. For each rule, the terms defined are shown in a tree structure. The key value pair format can be expanded by clicking the + icon beside each term.

The following fields are displayed on the Service Edit > ADC page:

Table 1: Service Edit > ADC Page

Field

SDG Host

Instance Name

OS Version

Group Name

Reference Host

Real Servers

Health Check Sources

Custom Health Checks

Groups

Virtual Servers

Deployment Plans

The following fields are displayed on the Service Edit > TLB page:

Table 2: TLB Service Edit Page

Field

SDG Host

Instance Name

OS Version

Group Name

Reference Host

Real Servers

Network Monitoring

Groups

Virtual Servers

Deployment Plans

The following fields are displayed on the Service Gateways—CGNAT Policy and Filter page:

Tip

In Gateway View of Deploy mode, with All Network selected in View pane and Policy & Filters > CGNAT selected in the task pane, you can select a different SDG host from the Host Name list, and a different rule term from the Term Name list from the page that lists all of the previously defined service policies. This type of inline or embedded editing enables you to quickly and optimally change the rule term in a service policy and the SDG with which the policy must be associated.

Table 3: CGNAT Policy and Filter Page

Field

Host Name

Group Name

Rule Name

Match Direction

Term Name

Source Address

Destination Address

Destination Port

Application

Translated Packet Source

Translated Packet Destination

Translation Type

Figure 1: CGNAT Services Listing Page
CGNAT Services Listing Page

The following fields are displayed on the Service Gateways—Packet Filter page:

Tip

In Gateway view of Deploy mode, with All Network selected in the View pane and Policy & Filters > Packet Filtert selected in the task pane, you can select a different SDG host from the Host Name list, and a different rule term from the Term Name list from the page that lists all of the previously defined service policies. This type of inline or embedded editing enables you to quickly and optimally change the rule term in a service policy and the SDG with which the policy must be associated.

Table 4: Packet F ilter Page

Field

Host Name

Group Name

Filter Name

Term Name

Source Address

Destination Address

Destination Port

Source Port

Protocol

Forwarding Class

Action

Status

The following fields are displayed on the Service Gateways—SFW Policy and Filter page:

Tip

In Gateway view of Deploy mode, with All Network selected in the View pane and Policy & Filters > SFW selected in the task pane, you can select a different SDG host from the Host Name list, and a different rule term from the Term Name list from the page that lists all of the previously defined service policies. This type of inline or embedded editing enables you to quickly and optimally change the rule term in a service policy and the SDG with which the policy must be associated.

Table 5: SFW Policy and Filter Page

Field

Host Name

Group Name

Rule Name

Term Name

Source Address

Destination Address

Destination Port

Source Port

Application Sets

Filter Outcome

Figure 2: Stateful Firewall Services Listing Page
Stateful Firewall Services Listing Page

Select a policy or a filter and click the Expand All icon, and all rules corresponding to that policy or filter are expanded.

Select a policy or filter and click the Collapse All icon to collapse all rules.