Amer Networks WLO220T CLI User Manual

. . . . .

C O M M A N D D E S C R I P T I O N S

policy

CLI Reference Guide

61

id

get policy [ global ] id pol_num

set policy [ global ] id pol_num1 { ... }

unset policy id pol_num [ disable ]

id pol_num

Specifies an policy ID number. (The disable switch disables the policy.)

Example

The following command assigns the policy an ID value of 10 and permits FTP-GET traffic from any
address in the Trust zone to any address in the Untrust zone:

set policy id 10 from trust to untrust any any ftp-get permit

move

set policy [ global ] move pol_num1 { before pol_num2 | after pol_num3 }

move

Repositions a policy (pol_num1) before another policy (pol_num2) or after a policy
(pol_num3) in the access control list (ACL). When one policy comes before another policy in
the ACL, it has higher precedence.

Example

The following command positions a global policy with ID number 4 before the policy with ID
number 2:

set policy global move 4 before 2

name

set policy [ global ] [ ... ] name name_str {... }

name

name_str Identifies the policy by name. (Assigning a name to an policy is optional.)

Example

The following command creates a new policy named “outbound”:

set policy name outbound from trust to untrust any any any permit

nat

set policy [ global ] { ... } nat src [ dip-id id_num ] { ... }

set policy [ global ] { ... } nat dst ip addr1 [ addr2 | port port_num ] { ... }

nat

Enables or disables source and destination Network Address Translation (NAT-src and NAT-
dst). This feature translates the original source or destination IP address in an IP packet
header to another address.