firewall-policy

Configures a firewall policy. This policy defines a set of rules for managing network traffic and prevents unauthorized access to the network behind the firewall.

Supported in the following platforms:

  • Access Points — AP505i, AP510i/e, AP560i/h
  • Service Platforms — NX5500, NX7500, NX9500, NX9600, VX9000

Syntax

firewall-policy <FIREWALL-POLICY-NAME>

Parameters

firewall-policy <FIREWALL-POLICY-NAME>

<FIREWALL-POLICY-NAME>

Specify the firewall policy name. If a firewall policy, with the specified name, does not exist, it is created.

Examples

nx9500-6C8809(config)#firewall-policy test
nx9500-6C8809(config-fw-policy-test)#?
Firewall policy Mode commands:
  acl-logging                    Log on flow creating traffic
  alg                            Enable ALG
  clamp                          Clamp value
  dhcp-offer-convert             Enable conversion of broadcast dhcp offers to
                                 unicast
  dns-snoop                      DNS Snooping
  firewall                       Wireless firewall
  flow                           Firewall flow
  ip                             Internet Protocol (IP)
  ip-mac                         Action based on ip-mac table
  ipv6                           Internet Protocol version 6 (IPv6)
  ipv6-mac                       Action based on ipv6-mac table
  logging                        Firewall enhanced logging
  no                             Negate a command or set its defaults
  proxy-arp                      Enable generation of ARP responses on behalf
                                 of another device
  proxy-nd                       Enable generation of ND responses (for IPv6)
                                 on behalf of another device
  stateful-packet-inspection-l2  Enable stateful packet inspection in layer2
                                 firewall
  storm-control                  Storm-control
  virtual-defragmentation        Enable virtual defragmentation for IPv4
                                 packets (recommended for proper functioning
                                 of firewall)

  clrscr                         Clears the display screen
  commit                         Commit all changes made in this session
  do                             Run commands from Exec mode
  end                            End current mode and change to EXEC mode
  exit                           End current mode and down to previous mode
  help                           Description of the interactive help system
  revert                         Revert changes
  service                        Service Commands
  show                           Show running system information
  write                          Write running configuration to memory or
                                 terminal

nx9500-6C8809(config-fw-policy-test)#

Related Commands

no

Removes an existing firewall policy

Note

Note

For more information on Firewall policy, see Firewall Policy.