Manualshelf

Specifications

ManualsBrandsHP ManualsComputer equipment3350 - Cisco NAC Appliance
281282283284285286287288289290
8-5
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 8 User Management: Traffic Control, Bandwidth, Schedule
Add Global IP-Based Traffic Policies
3. Click the Add Policy link next to the user role to create a new policy for the role, or click Add Policy
to All Roles to add the new policy to all roles (except the Unauthenticated role) at once.
Note The Add Policy to All Roles option adds the policy to all roles except the Unauthenticated role.
Once added, traffic policies are modified individually and removed per role only.
4. The Add Policy form for the role appears (Figure 8-3).
Figure 8-3 Add IP-Based Policy
5. Set the Priority of the policy from the Priority dropdown menu. The IP policy at the top of the list
will have the highest priority in execution. By default, the form displays a priority lower than the
last policy created (1 for the first policy, 2 for the second policy, and so on). The number of priorities
in the list reflects the number of policies created for the role. The built-in Block All policy has the
lowest priority of all policies by default.
Note To change the Priority of a policy later, click the Up or Down arrows for the policy in the Move
column of the IP policies list page (Figure 8-2).
6. Set the Action of the traffic policy as follows:
Allow (default)—Permit the traffic.
Block—Drop the traffic.
7. Set the State of the traffic policy as follows:
Enabled (default)—Enable this traffic policy immediately for any new traffic for the role.
Disabled—Disable this traffic policy for the role, while preserving the settings of the policy for
future use.
Note To enable/disable traffic policies at the role level, click the corresponding checkbox in Enable
column of the IP policies list page (Figure 8-2).