Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring Policies for Custom Firewall Exceptions

    You can create policies with the Policies, Services, and Subscribers CLI or the Policies, Services, and Subscribers subtasks in the C-Web interface.

    To configure a policy for a custom firewall exception:

    1. Create a stateless firewall policy group and associated policy rules.
    2. Specify parameters for the following properties for each policy rule:
      • IP protocol
      • TOS byte in the IP header
      • Source IP addresses
      • Source TCP/UDP ports
      • Destination IP addresses
      • Destination TCP/UDP ports
      • TCP flags
      • IP flags (fragmentation flags)
      • Fragmentation offset
      • Packet length
      • ICMP type
      • ICMP code

    For a sample policy, see policyGroupName=custom_policer, ou=entjunos_statelessfw, o=Policies, o=umc in the sample data.

    Modified: 2014-06-10