Switch User Manual

Configuration | Policy Management | Traffic Management | Assign Rules to Filter
13-35
VPN 3000 Concentrator Series User Guide
Current Rules in Filter
This list shows the rules currently assigned to the filter. Use the scroll controls (if present) to see all the
rules in the list. If no rules have been assigned, the list shows
--Empty--. Each entry shows the rule name
and the action/direction in parentheses;
Apply IPSec rules include their Security Association.
Available Rules
This list shows all the rules currently configured on the system (i.e., all the rules in the active
configuration) that have not been assigned to this filter. Use the scroll controls (if present) to see all the
rules in the list. Each entry shows the rule name and the action/direction in parentheses. (Since Security
Associations are added to
Apply IPSec rules only when those rules are assigned to a filter, this list does
not show SAs.)
<< Add
To add a rule to the filter, select the rule from the Available Rules list and click << Add. The Manager
moves the rule to the
Current Rules in Filter list, modifies the active configuration, refreshes the screen,
and by default orders the current rules with all inbound rules preceding all outbound rules.
If you add a rule that has an
Apply IPSec action configured, the Manager displays the Configuration | Policy
Management | Traffic Management | Assign Rules to Filter | Add SA to Rule
screen, which lets you add a
Security Association to the rule. The Manager also, by default, adds
Apply IPSec rules to the top of the
group of rules with the same direction (inbound or outbound).
<< Insert Above
To add an available rule above a current rule, select the rule from the Available Rules list, then select a
target rule in the
Current Rules in Filter list, and click Insert Above. The Manager moves the rule to the
Current Rules in Filter list, modifies the active configuration, refreshes the screen, and orders the new rule
above the current rule. Both selected rules must have the same direction (inbound or outbound).
If you add a rule that has an
Apply IPSec action configured, the Manager displays the Configuration | Policy
Management | Traffic Management | Assign Rules to Filter | Add SA to Rule
screen, which lets you add a
Security Association to the rule.
>> Remove
To remove a rule from the filter, select the rule from the Current Rules in Filter list and click >> Remove.
The Manager moves the rule to the
Available Rules list, modifies the active configuration, refreshes the
screen, and shows the remaining current rules in the filter.
You cannot remove a rule that is configured as part of a LAN-to-LAN connection. See the
Configuration
| System | Tunneling Protocols | IPSec LAN-to-LAN | Add | Done
screen.