Applying a zone policy to a ONE application
Enter the
zone-service-policy
command on the switchUse the ONE application's management interface to apply the zone policies
To apply zone policies through the ONE application, consult the ArubaOS-Switch Installation and Getting Started Guide for that application.
To apply a zone service policy from the switch CLI, enter the following command from the global configuration context.
Syntax:
no zone-service-policy policy-name zone [enable | disable | update] bind [Ethernet] logical port appname application name appinstance instance description [fail-action | [bypass | block]] [expire | [app-down | permanent | slot-down]]
enable|disable|update
Makes the policy active, inactive, or updates options that have been assigned to a policy.
logical port
Specifies the HPE AllianceONE Extended Services Module's port 1, using the format
slot1
.application name
Specifies the name of the ONE application. See the ArubaOS-Switch Installation and Getting Started Guide for the ONE application.
instance description
Specifies the name of the application and the slot in which it resides. See the ArubaOS-Switch Installation and Getting Started Guide for the ONE application.
fail-action bypass | block
Specifies the action the switch will take if the ONE application is unavailable). Enter
bypass
if you want the switch to ignore the policies and not intercept traffic if the ONE application is unavailable. Specifyblock
if you want the switch to drop traffic that matches your policy criteria if the ONE application is unavailable.expire
Determines if the policy persists if the ONE application is down or unavailable.
app-down
Specifies if you want the policy to expire if the ONE application is unavailable. Specify
permanent
if you do not want the policy to ever expire.slot-down
Specifies if you want the policy to expire if the slot in which the ONE application is installed is unavailable.
Applying a zone policy
The following example shows how to apply a zone policy:
switch(config)# zone-service-policy Firewall zone enable bind F1 appname
hostswitch(config)# show ONE_app slot_ID
Replace
slot_ID
with the slot in which the AllianceONE Extended Services zl Module is installed.