You are here: Home > CLI Commands > Just_CLI_Topics > routing-policy-map

routing-policy-map

routing-policy-map

branch <XX:XX:XX:XX:XX:XX> access-list <STRING>

role <STRING> access-list <STRING>

Description

This command associates a routing ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port. with a specific user role on a managed device.

Syntax

Parameter

Description

branch <XX:XX:XX:XX:XX:XX>

By default, when a branch office deployment uses IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. maps to define the connections between each branch office managed device and its Mobility Master, the global ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port.master-boc-traffic is applied to those IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. maps. Use this command to apply a local ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port. to the GREGeneric Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. tunnel between a specific branch office managed device and its Mobility Master, overriding the default master-boc-traffic ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port..

role <STRING>

Name of the user role to be associated with the specified routing ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port..

access-list <STRING>

Name of the route ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port. to be associated to the specified user role.

Usage Guidelines

The commands to associate an access list to a user role vary, depending upon the type of access list being associated to that role. Ethertype, MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. , and session ACLsAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port. are applied globally across all managed devices, but routing access lists may vary between locations, so they are mapped to a user role in a local configuration setting.

In an environment where an IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. map defines the connections between the managed device and Mobility Master, the global ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port.master-boc-traffic is applied to all IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. maps between the managed device and Mobility Master. If any managed device requires a different ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port., issue the command routing-policy-map branch <mac-addr> access-list <acl> on that managed device to associate a different ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port. to the L3 GREGeneric Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. tunnel between that one managed device and Mobility Master. This local setting will override the global settings defined in the master-boc-traffic ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port..

Example

The  following example maps a user role to a routing ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port..

(host)[node](config) #routing-policy-map

role employee access-list branch1

 

To associate the user role with an ethertype, MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. or session ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port., use the command user-role <role> access-list eth|mac|session <acl>.

Related Commands

Command

Description

ip access-list route

Configures an ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port. for policy-based routing (PBRPolicy-based Routing. PBR provides a flexible mechanism for forwarding data packets based on polices configured by a network administrator.).

ip nexthop-list

Defines a next-hop list for a routing policy.

Command History

Release

Modification

ArubaOS 8.0.0.0

Command introduced.

Command Information

Platforms

License

Command Mode

All platforms

Base operating system.

Config mode on Mobility Master.

/*]]>*/