Dell PowerConnect W-AirWave 7.6 Configuration Manual page 58

Policy button. To edit an existing policy, click the pencil icon.
The Security > Policies > Add New Policy page contains the following fields, as described in
Table 12:
Security > Policies > Add New Policy Fields and Descriptions
Field
General Settings
Folder
Name
Rules
IPv6
Source Traffic Match
Destination Traffic Match
Service Type
Action
52 | Configuration Reference
Default Description
Set the folder with which the policy is associated. The drop-down menu
Top
displays all folders available for association with the policy.
Blank Enter the name of the policy.
Select whether to use the IPv6 protocol. If you select No, AirWave displays
options for the IPv4 protocol instead.
No
NOTE: As of AOS 6.0, you can mix IPv4 and IPv6 rules on one policy.
The traffic source, which can be one of the following:
alias: After choosing this option, specify the network resource from the
l
Source Alias drop-down menu that appears. Select the pencil icon to edit,
or the plus icon to add a new alias.
any: match any traffic (wildcard)
l
host: This refers to traffic from a specific host. When this option is chosen,
l
you must configure the source IP address of the host. For example,
any
2002:d81f:f9f0:1000:c7e:5d61:585c:3ab
localip: (IPv4 only) specify the local IP address to match traffic
l
network: This refers to a traffic that has a source IP from a subnet of IP
l
addresses. When this option is chosen, you must configure the source
address and network mask of the subnet. For example, 2002:ac10:fe::
ffff:ffff:ffff::.
user: This refers to traffic from the wireless client.
l
The traffic destination, which can be any of the same types as the Source
any
Traffic Match options.
Type of traffic, which can be one of the following:
any: This option specifies that this rule applies to any type of traffic.
l
tcp: Using this option, configure a range of TCP port(s) to match for the rule
l
to be applied.
udp: Using this option, configure a range of UDP port(s) to match for the
l
rule to be applied.
service: Selecting this option creates a new field called Service
l
any
underneath Service Type with a drop-down list of pre-defined services
(common protocols such as HTTPS, HTTP, and others) as the protocol to
match for the rule to be applied. Select the pencil icon to edit the
Netservice Profile (refer to
or the plus sign to create a new Netservice profile.
protocol: Using this option, specify a different layer 4 protocol (other than
l
TCP/UDP) by configuring the IP protocol value.
icmpv6: Use this option to configure ICMPv6. Requires IPv6 enabled.
l
Action if rule is applied, which can be one of the following:
reject: deny packets. A new field will appear where you can Send Deny
permit Response
dst-nat: perform destination NAT on packets. New fields appear to specify the
Dual NAT Pool and Dual NAT Port.
"Security > Policies > Services" on page
Dell PowerConnect W-AirWave 7.6 | Configuration Guide
Table 12:
54),