Skip to main content
Viptela is now part of Cisco.
Support
Product Documentation
Viptela Documentation

Policies

Use the Policies screen to create and activate centralized and localized control and data policies for vSmart controllers and vEdge routers.

Screen Elements

  • Top bar—On the left are the menu icon, for expanding and collapsing the vManage menu, and the vManage product name. On the right are a number of icons and the user profile drop-down.
  • Title bar—Includes the title of the screen, Policies, and the following:
    • Custom Options—Click to create a policy from the CLI, and to create lists, topologies, and traffic policies for use in policy.
  • Centralized Policy tab—Create a centralized policy. When you first open the Policies screen, the Centralized Policy tab is selected.
    • Add Policy—Click to create a centralized policy using the policy configuration wizard.
  • Localized Policy tab—Create a localized policy.
    • Add CLI Policy—Click to create a localized policy using the command-line interface.
  • Search box—Includes the Search Options drop-down, for a Contains or Match string.
  • Refresh icon—Click to refresh data in the policies table with the most current data.
  • Show Table Columns icon—Click to display or hide columns from the policies table. By default, all columns are displayed.
  • Policies table—To re-arrange the columns, drag the column title to the desired position.

g00425.png

Configure Centralized Policy

  1. In the Centralized Policy tab, click Add Policy.
    The policy configuration wizard opens. This wizard is a UI policy builder that consists of four screens that you use to configure centralized policy components and to modify existing components in centralized policies.
  2. Create applications or group of interest:
    1. In the left pane, select the type of list to use with the centralized policy.
    2. In the right pane, click the New button. The New List portion of the screen opens.
    3. Enter a name for the list, and enter or select the components to include in the list.
      Note that the application lists Google_Apps and Microsoft_Apps are preconfigured, and you cannot edit or delete them.
    4. Click Add to create the new list.
    5. To edit, copy, or delete an existing list, select it and click the appropriate icon in the Action column.
    6. Click Next to move to Configure Topology in the wizard. When you first open this screen, the Topology tab is selected by default.
  3. Configure topology:
    1. To configure a topology:
      1. In the Topology tab, click the Add Topology drop-down.
      2. Select the desired network topology.
      3. Enter a name and description for the topology, and select the VPN list to which the topology applies.
      4. Click the New button, and enter the information for the topology component.
      5. Enter a name for the topology component, and enter or select the components to include in it.
      6. Click Save.
    2. To configure a VPN membership policy component:
      1. In the VPN Membership tab, click Add VPN Membership Policy.
      2. In the Update VPN Membership Policy popup, enter a name and description of the VPN membership, and select site lists and VPN lists. To create new lists, click Add List.
      3. Click Save.
    3. To edit, copy, or delete an existing topology or VPN membership policy, select it and click the appropriate icon in the Action column.
    4. Click Next to move to Configure Traffic Rules in the wizard. When you first open this screen, the Application-Aware Routing tab is selected by default.
  4. Configure traffic rules:
    1. In the Application-Aware Routing tab, select the desired policy type—Application-Aware Routing, Traffic Data, or Cflowd.
    2. Click the Add Policy drop-down.
    3. To import an existing policy, select Import Existing. In the Import Existing Data Policy popup, select the name of the file containing the data policy. Then click Import.
    4. To create a new policy, select Create New, and in the left pane, click Sequence Type.
    5. For an application-aware routing policy:
      1. In the right pane, click Sequence Rule.
      2. Add the match and action rules.
      3. Add additional sequences as needed. Drag and drop sequences to re-order them
      4. Click Save Application-Aware Routing Policy.
    6. For a traffic data policy:
      1. From the Add Data Policy popup, select the policy type.
      2. In the right pane, click Sequence Rule.
      3. Add the match and action rules.
      4. Add additional sequences as needed. Drag and drop sequences to re-order them
      5. Click Save Data Policy.
    7. For cflowd policy:
      1. To configure the cflowd template, enter values for the active flow timeout, inactive flow timeout, flow refresh interval, and sampling interval.
      2. To configure a collector list, click Add New Collector. Enter the VPN ID where the collector is located, its IP address, port number, transport protocol, and source interface. Click Add.
      3. Click Save Cflowd Policy.
    8. Click Next to move to Apply Policies to Sites and VPNs in the wizard.
  5. Apply policies to sites and VPNs:
    1. Enter a name for the policy. This field is mandatory and can contain only uppercase and lowercase letters, the digits 0 through 9, hyphens (–), and underscores (_). It cannot contain spaces or any other characters.
    2. Enter a description of the policy. This field is mandatory, and it can contain any characters and spaces. It can contain up to 2048 characters.
    3. Click New Site List and VPN List.
    4. Select the site list and VPN list, and click Add.
    5. Click Preview to view the configured policy. The policy is displayed in CLI format.
    6. Click Save Policy. The Configuration ► Policies screen is then displayed, and the policies table includes the newly created policy.

Configure Localized Policy

  1. In the Localized Policy tab,click Add CLI Policy.
  2. In the Add CLI Policy screen, enter the policy configuration. Click Create Variable to create a variable to use in the configuration. Click Select a File to import a file containing policy configuration commands.
  3. Click Add.

View a Policy

  1. In the Centralized Policy or Localized Policy tab, select a policy.
  2. Click the More Actions icon to the right of the column and click View. Policies created with the UI policy builder are displayed in graphical format. Policies created using the CLI are displayed in text format.
  3. Click Cancel to return to the policies table.

For a policy created using the vManage policy configuration wizard, you can view the policy in text format:

  1. In the Centralized Policy or Localized Policy tab, select a policy.
  2. Click the More Actions icon to the right of the column and click Preview.
  3. Click Cancel to return to the policies table.

Copy a Policy

  1. In the Centralized Policy or Localized Policy tab, select a policy.
  2. Click the More Actions icon to the right of the column and click Copy.
  3. In the Policy Copy popup window, enter the policy name and a description of the policy.
  4. Click Copy.

Edit a Policy

For policies created using the vManage policy configuration wizard:

  1. In the Centralized Policy or Localized Policy tab, select a policy.
  2. Click the More Actions icon to the right of the column and click Edit.
  3. Edit the policy as needed.
  4. Click Save Policy Changes.

For polices created using the CLI:

  1. In the Custom Options drop-down, click CLI Policy.
  2. Click the More Actions icon to the right of the column and click Edit.
  3. Edit the policy as needed.
  4. Click Update.

Edit or Create a Policy Component

For centralized policy, you can create individual policy components directly rather than using the policy configuration wizard:

  1. In the Centralized Policy tab,click the Custom Options drop-down.
  2. Select Lists to create or edit lists for applications or groups of interest.
  3. Select Topology to create or edit network topologies or VPN membership policies.
  4. Select Traffic Policy to create or edit traffic rules.

Delete a Policy

  1. In the Centralized Policy or Localized Policy tab, select a policy.
  2. Click the More Actions icon to the right of the column and click Delete.
  3. Click OK to confirm deletion of the policy.

Activate a Policy on vSmart Controllers

  1. In the Centralized Policy or Localized Policy tab, select a policy.
  2. Click the More Actions icon to the right of the column and click Activate.
  3. In the Activate Policy popup, click Activate to push the policy to all reachable vSmart controllers in the network.
  4. Click OK to confirm activation of the policy on all vSmart controllers.
  • Was this article helpful?