Cisco Cisco NAC Appliance 4.1.0
9-4
Cisco NAC Appliance - Clean Access Manager Installation and Administration Guide
OL-12214-01
Chapter 9 User Management: Traffic Control, Bandwidth, Schedule
Add Global IP-Based Traffic Policies
Add Global IP-Based Traffic Policies
You can configure traffic policies for all the default roles already present in the system (Unauthenticated,
Temporary, Quarantine). You will need to create normal login user roles first before you can configure
traffic policies for them (see
Temporary, Quarantine). You will need to create normal login user roles first before you can configure
traffic policies for them (see
)
This section describes the following:
•
•
Add IP-Based Policy
You can specify individual ports, a port range, a combination of ports and port ranges, or wildcards when
configuring IP-based traffic policies.
configuring IP-based traffic policies.
1.
Go to User Management > User Roles > Traffic Control > IP. The list of IP-based policies for all
roles displays (
roles displays (
Figure 9-2
List of IP-Based Policies
2.
Select the source-to-destination direction for which you want the policy to apply. Chose either
Trusted->Untrusted or Untrusted->Trusted, and click Select.
Trusted->Untrusted or Untrusted->Trusted, and click Select.
3.
Click the Add Policy link next to the user role to create a new policy for the role, or click Add Policy
to All Roles to add the new policy to all roles (except the Unauthenticated role) at once.
to All Roles to add the new policy to all roles (except the Unauthenticated role) at once.
Note
The Add Policy to All Roles option adds the policy to all roles except the Unauthenticated role.
Once added, traffic policies are modified individually and removed per role only.
Once added, traffic policies are modified individually and removed per role only.
4.
The Add Policy form for the role appears (
).
Change
Enable/
disable
policy
disable
policy
priority