20.1 Configuring Traffic Policies

You can configure a maximum of 250 traffic rules per role, depending on the length of the policy name. If you have configured multiple traffic policies, the policies are prioritized based on the order of their creation.

You can configure a different set of traffic policies for different roles as follows:

  1. In the Administration Console, click Access Manager > SSL VPNs > Edit.

  2. Select Traffic Policies from the Policies section. The SSL VPN Traffic Policies page is displayed.

    Traffic Policies page

  3. Click New. The New dialog box is displayed.

  4. Specify the traffic policy name in the Traffic Policy Name field, then click OK.

  5. Click the newly added traffic policy. The Edit Traffic Policy page is displayed.

    Fill in the following fields:

    • Policy Name: Specify the name for the traffic policy.

    • Role: The role to which the traffic rule applies. Select the role from the drop-down list. If the role is not listed, click the role icon to add new roles.

      The Role is case-sensitive. If the role configured is Employee and the Identity Server sends a request for employee, the rule is not pushed to the client.

    • Destination Network: Specify the host or network IP address of the destination.

    • Network Mask: The network mask is displayed by default when you specify the destination address. However, you can edit the mask.

    • Predefined Application: Select a predefined application from the drop-down list.

    • Name: Specify a name for the application. This information is optional.

    • Protocol: Select a protocol from the drop-down list. You can select the protocol to be TCP, UDP, ICMP or Any.

    • Port: Specify the port number on which the service you select must listen.

      NOTE:Specify 0 to allow all ports depending on the protocol.

    • Action: Specify if a service can be allowed or denied. Select Encrypt to allow the service in encrypted form. Select Deny if you do not want to allow the service.

  6. To delete a traffic rule, select the rule, then click Delete.

  7. To enable a traffic rule, select the rule, then click Enable.

  8. To disable a traffic rule, select the rule, then click Disable.

  9. To save your modifications, click OK, then click Update on the Configuration page.