Chapter 8 Route

Table 43 Input Values for General Policy Route Commands (continued)

LABEL

DESCRIPTION

policy_number

The number of a policy route. 1 - X where X is the highest number of policy routes

 

the ZyWALL model supports. See the ZyWALL’s User’s Guide for details.

 

 

schedule_object

The name of the schedule. You may use 1-31 alphanumeric characters,

 

underscores(_), or dashes (-), but the first character cannot be a number. This value

 

is case-sensitive.

service_name

The name of the service (group). You may use 1-31 alphanumeric characters,

 

underscores(_), or dashes (-), but the first character cannot be a number. This value

 

is case-sensitive.

user_name

The name of a user (group). You may use 1-31 alphanumeric characters,

 

underscores(_), or dashes (-), but the first character cannot be a number. This value

 

is case-sensitive.

destv6

The IPv6 route prefix (subnet address) for the destination.

 

 

prefix

The IPv6 prefix length, 0 - 128.

 

 

gatewayv6

The IPv6 address of the specified gateway.

 

 

ipv6_addr

An IPv6 address.

 

 

ipv6_global_address

An IPv6 address excluding the link-local address (fe80::).

 

 

ipv6_link_local

An fe80:: IPv6 address.

 

 

The following table describes the commands available for policy route. You must use the configure terminal command to enter the configuration mode before you can use these commands.

Table 44 Command Summary: Policy Route

COMMAND

DESCRIPTION

[no] bwm activate

Globally enables bandwidth management. You must globally activate

 

bandwidth management to have individual policy routes or application

 

patrol policies apply bandwidth management. The no command

 

globally disables bandwidth management.

policy {policy_number append insert

Enters the policy-route sub-command mode to configure, add or insert

policy_number}

a policy.

[no] auto-destination

When you set tunnel as the next-hop type (using the next-hop

 

tunnel command) for this route, you can use this command to have

 

the ZyWALL use the local network of the peer router that initiated an

 

incoming dynamic IPSec tunnel as the destination address of the policy

 

instead of what you configure by using the destination command.

 

The no command disables the setting.

[no] auto-disable

When you set interface or trunk as the next-hop type (using the

 

next-hop interface or next-hop trunk command) for this route,

 

you can use this command to have the ZyWALL automatically disable

 

this policy route when the next-hop’s connection is down. The no

 

command disables the setting.

 

 

[no] bandwidth <1..1048576> priority

Sets the maximum bandwidth and priority for the policy. The no

<1..1024> [maximize-bandwidth-usage]

command removes bandwidth settings from the rule. You can also turn

 

maximize bandwidth usage on or off.

[no] deactivate

Disables the specified policy. The no command enables the specified

 

policy.

 

 

[no] description description

Sets a descriptive name for the policy. The no command removes the

 

name for the policy.

 

 

[no] destination {address_objectany}

Sets the destination IP address the matched packets must have. The

 

no command resets the destination IP address to the default (any).

 

any means all IP addresses.

100

 

ZyWALL (ZLD) CLI Reference Guide