Source port + destination address policy
06-07-2018 11:35 AM
Hello,
In NetSight Policy Manager, I would like to create a set of rules to permit traffic based on a source IP + source port AND a destination IP range (e.g. 192.168.1.10:80 → 192.168.2.0/24).
I can't find how. I can either permit an IP source + port source, or an IP destination + port destination.
If I create two rules in a service, it acts like an OR, so it permits too much traffic.
The goal is to permit a flow from a server to a specific network (admin). Of course I can permit IP destination + port destination on the client side, but shouldn't I filter on the server side too?
Version: Extreme Management Center 8.1.2.59
Thanks,
Émile
1 REPLY
06-18-2018 12:44 PM
This is dependent on the device type. For devices that support IP to Role mapping (see Policy Manager firmware support on the documentation page) you can do an IP to Role mapping that assigns a policy to manage traffic as you wish.
The mapping will set the role based on the source or destination IP address in the packet, then the policy actions will do permits, denies, contain to VLAN as specified in the policy.
This is how you can accomplish an AND feature. Also available is VLAN and MAC to Role mapping, again see the policy features supported in the Firmware Support document on our documentation page.
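The difference between the two approaches in this thread, as an added example that is not part of either post and is not Extreme's code: a simplified Python model of two rules OR-ed in one service versus an IP to Role mapping on the destination followed by a source IP + port rule inside the role. The addresses come from the question; the role name `to-admin`, the sample packets and the implicit default deny are assumptions made for the illustration.

```python
# Added illustration: a simplified model of rule matching, not Policy Manager's engine.
from ipaddress import ip_address, ip_network
from typing import NamedTuple, Optional

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int

SERVER = ip_address("192.168.1.10")       # server from the question
SERVER_PORT = 80
ADMIN_NET = ip_network("192.168.2.0/24")  # admin network from the question

def rule_src_socket(p: Packet) -> bool:
    """Rule A: source IP + source port."""
    return ip_address(p.src) == SERVER and p.sport == SERVER_PORT

def rule_dst_range(p: Packet) -> bool:
    """Rule B: destination IP range."""
    return ip_address(p.dst) in ADMIN_NET

def service_or(p: Packet) -> bool:
    """Both rules in one service: a packet is permitted if either rule matches."""
    return rule_src_socket(p) or rule_dst_range(p)

def ip_to_role(p: Packet) -> Optional[str]:
    """Stage 1: the mapping picks a role from the destination IP."""
    return "to-admin" if ip_address(p.dst) in ADMIN_NET else None  # hypothetical role name

ROLE_RULES = {"to-admin": [rule_src_socket]}  # Stage 2: rules evaluated inside the role

def mapped_and(p: Packet) -> bool:
    """Mapping then role rule: both conditions must hold; anything else is denied (assumed)."""
    role = ip_to_role(p)
    return role is not None and any(rule(p) for rule in ROLE_RULES[role])

# Constructed sample packets
SAMPLES = {
    "wanted":              Packet("192.168.1.10", 80, "192.168.2.25", 51000),
    "server_to_other_net": Packet("192.168.1.10", 80, "10.0.0.5", 51000),
    "other_host_to_admin": Packet("192.168.1.99", 4444, "192.168.2.25", 22),
    "unrelated":           Packet("192.168.1.99", 4444, "10.0.0.5", 22),
}

def compare() -> dict:
    """Return {name: (permitted by OR service, permitted by mapping + role rule)}."""
    return {name: (service_or(p), mapped_and(p)) for name, p in SAMPLES.items()}

if __name__ == "__main__":
    for name, (or_hit, and_hit) in compare().items():
        print(f"{name:22} OR-service={or_hit!s:5} role-mapping={and_hit}")
```

Only the `wanted` flow passes both models; the two middle packets are the excess traffic the OR-ed service lets through.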
