cancel
Showing results for 
Search instead for 
Did you mean: 

Policy to allow only internet access

Policy to allow only internet access

Matthew_Perry
New Contributor III
I'm trying to setup a Internet only Policy for wired ports. I've created permit role and added deny destination rules for our local networks. I've also added allow rules for dns, dhcp, etc. It looks like rule precedence is tripping me up as the denys are before the permits so everthing is blocked locally. Is there a way to make rules have different precedence or a diffrent way to do this.

1d7fb2bb53fd4e88a21a3baf384aed4f_RackMultipart20170911-102927-2q7j6x-snip_20170911135632_inline.png


6 REPLIES 6

Matthew_Perry
New Contributor III
Most of the edge switches are b-series.

Mike_Thomas
Extreme Employee
Matthew, what is the hardware type? Some can change the precedence, but usually the more complex rules are hit first.
GTM-P2G8KFN