Users Guide

ManualsBrandsDell ManualsAccess PlatformsW-3200

311

312

313

314

315

316

317

318

319

320

313 | BranchController Config for Controllers Dell Networking W-Series ArubaOS 6.4.x| User Guide

Field Description

Service

(required)

Type of traffic, which can be one of the following:

l any: This option specifies that this rule applies to any type of traffic.

l application: For session and route policies on a W-7000 Series controller, you can create a rule

that applies to a specific application type. Click the Application drop-down list and select an

application type.

l application category: For session and route policies on a W-7000 Series controller, you can

create a rule that applies to a specific application category. Click the Application Category

drop-down list and select a category type.

l protocol: Using this option, you specify a different layer 4 protocol (other than TCP/UDP) by

configuring the IP protocol value.

l service: Using this option, you use one of the pre-defined services (common protocols such as

HTTPS, HTTP, and others) as the protocol to match for the rule to be applied. You can also

specify a network service that you have manually configured. For details, see Creating a

Network Service Alias on page 443.

l tcp: A range of TCP port(s) that must be used by the traffic in order for the rule to be applied.

l udp: A range of UDP port(s) hat must be used by the traffic in order for the rule to be applied.

Action

(required)

The action that you want the controller to perform on a packet that matches the specified criteria.

This can be one of the following:

l Forward Regularly: Packets are forwarded to their next destination without any changes.

l Forward to ipsec-map: Packets are forwarded through an IPsec tunnel defined by the specified

IPsec map. You must specify the position of the forwarding or routing rule. (1 is first, default is

last)

l Forward to next-hop-list: packets are forwarded to the highest priority active device on the

selected next hop list. You must also specify the position of the forwarding or routing rule (1 is

first, default is last). For more information on next-hop lists, see Routing Configuration on page

309.

l Forward to tunnel: Packets are forwarded through the tunnel with the specified tunnel ID. You

must also specify the position of the forwarding or routing rule (1 is first, default is last). For

more information on GRE tunnels, see Configuring GRE Tunnels on page 181.

l Forward to tunnel group: Packets are forwarded through the active tunnel in a GRE tunnel

group. You must also specify the position of the forwarding or routing rule (1 is first, default is

last). For more information on tunnel groups, see Configuring GRE Tunnel Groups on page

193.

Position (Optional) Define a position for the rule in the ACL. Rules processed according to their position num-

bers, and new Rules are added at the end of an ACL by default. A position of 1 puts the rule at the

top of the list.

Targets for PBR Rules

A Policy Based Routing (PBR) rule does not become active until it is applied to a VLANinterface or user role. To

define a target for a PBRrule:

1. Select the PBR sub-tab.

2. Click the Add button below the Target table.

3. Click the PBR Rule Name drop-down list and select the rule to be applied to the target.

4. Select the target type: VLAN or User Role.

l If you selected the VLAN type, click the Target drop-down list and select a VLAN ID to apply the rule to

the VLAN interface's inbound traffic.