Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring TCP Conditions for PTSP Classify-Traffic Conditions (SRC CLI)

    Use the following configuration statements to add TCP conditions to a PTSP classify-traffic condition:

    policies group name list name rule name traffic-condition name tcp-condition {protocol tcp; }

    Because the protocol is already set to TCP, do not change the protocol or protocol-operation options.

    policies group name list name rule name traffic-condition name tcp-condition destination-port port {from-port from-port; }
    policies group name list name rule name traffic-condition name tcp-condition source-port port {from-port from-port; }

    To add TCP conditions to a PTSP classify-traffic condition:

    1. From configuration mode, enter the TCP configuration. For example:
      user@host# edit policies group group1 list list1 rule rule1 traffic-condition condition1 tcp-condition
    2. (Optional) Enter the protocol for the TCP configuration.
      [edit policies group group1 list list1 rule rule1 traffic-condition condition1 tcp-condition]user@host# set protocol protocol

      For PTSP this is set to TCP.

    3. (Optional) Enter the destination port configuration for the TCP configuration.
      [edit policies group group1 list list1 rule rule1 traffic-condition condition1 tcp-condition]user@host# edit destination-port port
    4. (Optional) Configure the destination port.
      [edit policies group group1 list list1 rule rule1 traffic-condition condition1 tcp-condition destination-port port]user@host# set from-port from-port

      Where from-port is one of the following values:

      • service_port—A predefined global parameter that is the port of the service as specified by the service object.
      • Integer in the range 0–65535.
      • Expression—A range of port numbers; for example, 10..20.
      • Parameter of type port.

      Use a range of ports to specify port numbers that are greater than or less than a specified port number. For example:

      • To set a range of ports that is greater than 10, use 11..65535.
      • To set a range of ports that is less than 200, use 0..199.
    5. (Optional) Enter the source port configuration for the TCP configuration.
      [edit policies group group1 list list1 rule rule1 traffic-condition condition1 tcp-condition source-port port]user@host# up [edit policies group group1 list list1 rule rule1 traffic-condition condition1]user@host# edit source-port port
    6. (Optional) Configure the source port.
      [edit policies group group1 list list1 rule rule1 traffic-condition condition1 tcp-condition source-port port]user@host# set from-port from-port [edit policies group group1 list list1 rule rule1 traffic-condition condition1 tcp-condition source-port port]user@host# up

      Where from-port is one of the following values:

      • service_port — A predefined global parameter that is the port of the service as specified by the service object.
      • Integer in the range 0–65535
      • Expression — A range of port numbers; for example, 10..20.
      • Parameter of type port

      Use a range of ports to specify port numbers that are greater than or less than a specified port number. For example:

      • To set a range of ports that is greater than 10, use 11..65535.
      • To set a range of ports that is less than 200, use 0..199.
    7. (Optional) Verify the TCP condition configuration.
      [edit policies group group1 list list1 rule rule1 traffic-condition condition1 tcp-condition]
      user@host# show 
      protocol tcp;
      protocol-operation is;
      destination-port {
       port {
              from-port service_port;
        }
      }
      source-port { 
        port { 
             from-port service_port;
        }
      }

    Published: 2014-06-25