Configures a firewall policy. This policy defines a set of rules for managing network traffic and prevents unauthorized access to the network behind the firewall.

Supported in the following platforms:

  • Access Points — AP505i, AP510i/e, AP560i/h
  • Service Platforms — NX5500, NX7500, NX9500, NX9600, VX9000


firewall-policy <FIREWALL-POLICY-NAME>


firewall-policy <FIREWALL-POLICY-NAME>


Specify the firewall policy name. If a firewall policy, with the specified name, does not exist, it is created.


nx9500-6C8809(config)#firewall-policy test
Firewall policy Mode commands:
  acl-logging                    Log on flow creating traffic
  alg                            Enable ALG
  clamp                          Clamp value
  dhcp-offer-convert             Enable conversion of broadcast dhcp offers to
  dns-snoop                      DNS Snooping
  firewall                       Wireless firewall
  flow                           Firewall flow
  ip                             Internet Protocol (IP)
  ip-mac                         Action based on ip-mac table
  ipv6                           Internet Protocol version 6 (IPv6)
  ipv6-mac                       Action based on ipv6-mac table
  logging                        Firewall enhanced logging
  no                             Negate a command or set its defaults
  proxy-arp                      Enable generation of ARP responses on behalf
                                 of another device
  proxy-nd                       Enable generation of ND responses (for IPv6)
                                 on behalf of another device
  stateful-packet-inspection-l2  Enable stateful packet inspection in layer2
  storm-control                  Storm-control
  virtual-defragmentation        Enable virtual defragmentation for IPv4
                                 packets (recommended for proper functioning
                                 of firewall)

  clrscr                         Clears the display screen
  commit                         Commit all changes made in this session
  do                             Run commands from Exec mode
  end                            End current mode and change to EXEC mode
  exit                           End current mode and down to previous mode
  help                           Description of the interactive help system
  revert                         Revert changes
  service                        Service Commands
  show                           Show running system information
  write                          Write running configuration to memory or


Related Commands


Removes an existing firewall policy



For more information on Firewall policy, see Firewall Policy.