Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Configuring Advanced Policy-Based Routing Policy

You can use the Add APBR Policy page to create an advanced policy-based routing (APBR) profile (also known as an application profile) to match applications and application groups and redirect the packets that match the profile to the specified routing instance for route lookup. The APBR profile evaluates the application-aware traffic and permits or denies traffic based on attributes of the applications and application groups. The context established in the first packet of a session must match the context contained in all subsequent packets, if a session is to remain active.

The APBR profile is associated to the ingress traffic. The application profile can be attached to a security zone or it can be attached to a specific logical or physical interface associated with the security zone.

To configure an APBR profile:

  1. Select Configure > Application Routing Policies.

    The Application Routing Policies page appears.

  2. Click the create icon (+).

    The Add APBR Policy page appears.

  3. Complete the configuration by using the guidelines in Table 1.
  4. Click OK to complete the configuration.

    A new APBR profile is created. Click Add Rule or the policy name to configure policy rules. See About the Rules Page (Advanced Policy-Based Routing).

    Click Cancel to discard the configuration.

Table 1: Fields on the Add APBR Policy Page




Enter a unique string of alphanumeric characters, colons, periods, dashes, and underscores. No spaces are allowed; maximum length is 63 characters.


Enter a description for the APBR profile; maximum length is 255 characters.


Select one or more devices to associate them with a policy. However, a device can have only one APBR policy associated, at a time.

Select a device in the Available column and move it to the Selected column.