Using Identity Management
Policy Match Condition Combinations
Table 8
lists the ingress policy match condition combinations for Identity Management.
The following items provide additional information about the match conditions:
EXOS dynamically inserts the source IP. It does not allow you to add a source IP in the ingress
●
policy.
The egress policy is not supported for Identity Management.
●
Table 8: Identity Management Ingress Policy Match Conditions
Source IP
Source IP
SMAC
Dest IP
vlan-id
ip-tos
dot1p
fragments
ip-tos
Attaching Policies to Roles
You must attach policies to roles before you can attach roles to switches. Use the procedure to edit
attached roles with policies.
To attach roles with policies, do the following:
1 On the menu bar, go to Edit>Attach Roles and Policies. See
dialog opens.
Figure 231: Attach Roles and Policies Menu
276
Source IP
Source IP
Dest IP
SMAC
protocol
source-sap
source-port
destination-sap
dest-por
ip-tos
tcp-flags
vlan-id
dot1p
ip-tos
Source IP
ip-tos
fragments
First-fragments
Figure
232. The Attach Role and Policies
Ridgeline Concepts and Solutions Guide
SMAC
Snap-type