Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

IN THIS PAGE

Configuring PTSP Classify-Traffic Conditions (SRC CLI)

 

Before you configure PTSP classify-traffic conditions, review the following topics:

Topics that discuss configuring PTSP classify-traffic conditions include:

Creating PTSP Classify-Traffic Conditions (SRC CLI)

You create classify-traffic conditions within policy rules. Use the following configuration statements to create a classify-traffic condition:

To add a classify-traffic condition:

  1. From configuration mode, create a classify-traffic condition inside a policy rule that has already been created and configured. For example, to create a traffic-condition called condition1 within policy rule rule1:

  2. (Optional) Specify the direction of the packet flow on which you want to match packets.

    Set to one of the following values:

    • input

    • output

    • both

    • Parameter of type matchDirection

  3. (Optional) Provide a description of the classify-traffic condition.

  4. (Optional) Verify your PTSP classify-traffic condition configuration.

See also

Configuring Destination Networks for PTSP Classify-Traffic Conditions (SRC CLI)

Use the following configuration statements to add destination networks to a PTSP classify-traffic condition:

To add a destination network to a PTSP classify-traffic condition:

  1. From configuration mode, enter the destination network within a classify-traffic condition. For example:

  2. (Optional) Specify the IP address of the destination network or host.

    Where ip-address is one of the following values:

    • IP address

    • Predefined global parameter:

      • gateway_ipAddress—IP address of the gateway as specified by the service object.

      • interface_ipAddress—IP address of the router interface.

      • service_ipAddress—IP address of the service as specified by the service object.

      • user_ipAddress—IP address of the subscriber.

      • virtual_ipAddress—Virtual portal address of the SAE that is used in redundant redirect server installations.

    • Parameter of type address

  3. (Optional) Configure the IP mask of the destination network or host.

    Where ip-mask is one of the following values:

    • IP address mask

    • Predefined global parameter:

      • interface_ ipMask—IP mask of the router interface.

      • service_ ipMask—IP mask of the service as specified by the service object.

      • user_ ipMask—IP mask of the subscriber.

    • Parameter of type address.

  4. (Optional) Verify your destination network configuration.

See also

Configuring Destination Grouped Networks for PTSP Classify-Traffic Conditions (SRC CLI)

Use the following configuration statements to add destination networks in a grouped format to a classify-traffic condition:

To add a grouped destination network to a classify-traffic condition:

  1. From configuration mode, enter the destination network within a classify-traffic condition. For example:

  2. (Optional) Configure the IP address of the destination network or host.

  3. (Optional) Verify your destination network configuration.

See also

Configuring Protocol Conditions for PTSP Classify-Traffic Conditions (SRC CLI)

The procedure in this topic shows how to configure protocol conditions that do not include port conditions.

Use the following configuration statements to add general protocol conditions to a PTSP classify-traffic condition:

To add general protocol conditions to a classify-traffic condition:

  1. From configuration mode, enter the general protocol condition configuration. For example:

  2. Configure the protocol matched by this classify-traffic condition.

    Enter the protocol matched by this classifier list, one of the following values:

    • Predefined global parameter—Use a ? at the command line to see a list of valid protocols.

    • Protocol number in the range 0–255.

    • String expression.

    • Parameter of type protocol.

  3. (Optional) Verify your protocol condition configuration.

See also

Configuring Protocol Conditions with Ports for PTSP Classify-Traffic Conditions (SRC CLI)

Use the following configuration statements to add general protocol conditions with ports to a PTSP classify-traffic condition:

To add general protocol conditions with ports to a PTSP classify-traffic condition:

  1. From configuration mode, enter the protocol port condition configuration. For example:

  2. Configure the protocol matched by this classify-traffic condition.

    UDP is the only valid value for PTSP.

  3. (Optional) Enter the destination port configuration for the protocol port configuration.

  4. (Optional) Configure the destination port.

    Where from-port is one of the following values:

    • service_port—A predefined global parameter that is the port of the service as specified by the service object

    • Integer in the range 0–65535

    • Expression—A range of port numbers; for example, 10..20

    • Parameter of type port

    Use a range of ports to specify port numbers that are greater than or less than a specified port number. For example:

    • To set a range of ports that is greater than 10, use 11..65535.

    • To set a range of ports that is less than 200, use 0..199.

  5. (Optional) Enter the source port configuration for the protocol port configuration.

  6. (Optional) Configure the source port.

    Where from-port is one of the following values:

    • service_port—A predefined global parameter that is the port of the service as specified by the service object.

    • Integer in the range 0–65535

    • Expression—A range of port numbers; for example, 10..20.

    • Parameter of type port

    Use a range of ports to specify port numbers that are greater than or less than a specified port number. For example:

    • To set a range of ports that is greater than 10, use 11..65535.

    • To set a range of ports that is less than 200, use 0..199.

  7. (Optional) Verify your protocol condition configuration.

See also

Configuring Protocol Conditions with Parameters for PTSP Classify-Traffic Conditions (SRC CLI)

Use the following configuration statements to configure classify-traffic conditions that contain a parameter value for the protocol:

To configure a protocol condition that contains a parameter value for the protocol:

  1. From configuration mode, enter the parameter protocol condition configuration. For example:

  2. Assign a parameter as the protocol matched by this classify-traffic condition.

    Before you assign a parameter, you must create a parameter of type protocol and commit the parameter configuration.

  3. (Optional) Enter the protocol attribute configuration.

  4. (Optional) Enter the destination port configuration.

  5. (Optional) Configure the TCP or UDP destination port.

    Where from-port is one of the following values:

    • service_port—A predefined global parameter that is the port of the service as specified by the service object.

    • Integer in the range 0–65535.

    • Expression—A range of port numbers; for example, 10..20.

    • Parameter of type port.

    Use a range of ports to specify port numbers that are greater than or less than a specified port number. For example:

    • To set a range of ports that is greater than 10, use 11..65535.

    • To set a range of ports that is less than 200, use 0..199.

  6. (Optional) Enter the source port configuration.

  7. (Optional) Configure the TCP or UDP source port.

    Where from-port is one of the following values:

    • service_port—A predefined global parameter that is the port of the service as specified by the service object.

    • Integer in the range 0–65535.

    • Expression—A range of port numbers; for example, 10..20.

    • Parameter of type port.

    Use a range of ports to specify port numbers that are greater than or less than a specified port number. For example:

    • To set a range of ports that is greater than 10, use 11..65535.

    • To set a range of ports that is less than 200, use 0..199.

  8. (Optional) Verify the parameter protocol configuration.

See also

Configuring TCP Conditions for PTSP Classify-Traffic Conditions (SRC CLI)

Use the following configuration statements to add TCP conditions to a PTSP classify-traffic condition:

Because the protocol is already set to TCP, do not change the protocol or protocol-operation options.

To add TCP conditions to a PTSP classify-traffic condition:

  1. From configuration mode, enter the TCP configuration. For example:

  2. (Optional) Enter the protocol for the TCP configuration.

    For PTSP this is set to TCP.

  3. (Optional) Enter the destination port configuration for the TCP configuration.

  4. (Optional) Configure the destination port.

    Where from-port is one of the following values:

    • service_port—A predefined global parameter that is the port of the service as specified by the service object.

    • Integer in the range 0–65535.

    • Expression—A range of port numbers; for example, 10..20.

    • Parameter of type port.

    Use a range of ports to specify port numbers that are greater than or less than a specified port number. For example:

    • To set a range of ports that is greater than 10, use 11..65535.

    • To set a range of ports that is less than 200, use 0..199.

  5. (Optional) Enter the source port configuration for the TCP configuration.

  6. (Optional) Configure the source port.

    Where from-port is one of the following values:

    • service_port—A predefined global parameter that is the port of the service as specified by the service object.

    • Integer in the range 0–65535

    • Expression—A range of port numbers; for example, 10..20.

    • Parameter of type port

    Use a range of ports to specify port numbers that are greater than or less than a specified port number. For example:

    • To set a range of ports that is greater than 10, use 11..65535.

    • To set a range of ports that is less than 200, use 0..199.

  7. (Optional) Verify the TCP condition configuration.

See also

Configuring Traffic Match Conditions for PTSP Classify-Traffic Conditions (SRC CLI)

Use the following configuration statements to configure traffic match conditions for PTSP classify traffic conditions.

To add traffic match conditions to PTSP classify-traffic conditions:

  1. From configuration mode, enter the traffic condition configuration. For example:

  2. (Optional) Configure the application protocol to match.

  3. (Optional) Configure a list of application groups to match for this policy.

  4. (Optional) Configure a list of nested applications to match this policy.

    Separate items in the list with commas.

  5. (Optional) Configure the term-precedence for this term in a given policy in relation to other terms. Lower precedence terms are searched first. Precedence matters only within the same class of policies, either dynamic or static. Terms with the same precedence may be evaluated in any order.

    Enter an integer in the range 1–254.

  6. (Optional) Verify the filter condition configuration.

See also