Policy Basics CLI Reference

CLI commands for configuring and monitoring policy.

Centralized Control Policy Command Hierarchy

Configure on Cisco vSmart Controllers only.

policy
  lists
    color-list list-name
      color color
    prefix-list list-name
      ip-prefix prefix/length
    site-list list-name
      site-id site-id
    tloc-list list-name
      tloc address color color encap encapsulation [preference value weight value]
    vpn-list list-name
      vpn vpn-id
policy
  control-policy policy-name
    default-action action
    sequence number
      match
        route
          color color
          color-list list-name
          omp-tag number
          origin protocol
          originator ip-address
          preference number
          prefix-list list-name
          site-id site-id
          site-list list-name
          tloc address
          tloc-list list-name
          vpn vpn-id
          vpn-list list-name
        tloc
          carrier carrier-name
          color color
          color-list list-name
          domain-id domain-id
          group-id group-id
          omp-tag number
          originator ip-address
          preference number
          site-id site-id
          site-list list-name
          tloc address
          tloc-list list-name
      action
        reject
        accept
          export-to (vpn vpn-id | vpn-list list-name)
          set
            omp-tag number
            preference value
            service service-name (tloc ip-address | tloc-list list-name) [vpn vpn-id]
            tloc-action action
            tloc-list list-name
apply-policy
  site-list list-name control-policy policy-name (in | out)

Centralized Data Policy Command Hierarchy

Configure on Cisco vSmart Controllers only.

policy
  lists
    app-list list-name
      (app applications | app-family application-families)
    data-prefix-list list-name
      ip-prefix prefix/length
    site-list list-name
      site-id site-id
    tloc-list list-name
      tloc ip-address color color encap encapsulation [preference value weight value]
    vpn-list list-name
      vpn vpn-id
policy
  data-policy policy-name
    vpn-list list-name
      default-action action
      sequence number
        match
          app-list list-name
          destination-data-prefix-list list-name
          destination-ip prefix/length
          destination-port number
          dns (request | response)
          dns-app-list list-name
          dscp number
          packet-length number
          plp (high | low)
          protocol number
          source-data-prefix-list list-name
          source-ip prefix/length
          source-port number
          tcp flag
        action
          cflowd
          count counter-name
          drop
          log
          tcp-optimization
          accept
            nat [pool number] [use-vpn-0]
            redirect-dns (host | ip-address)
            set
              dscp number
              forwarding-class class
              local-tloc color color [encap encapsulation]
              local-tloc-list color color [encap encapsulation] [restrict]
              next-hop ip-address
              policer policer-name
              service service-name local [restrict] [vpn vpn-id]
              service service-name [tloc ip-address | tloc-list list-name] [vpn vpn-id]
              tloc ip-address color color [encap encapsulation]
              tloc-list list-name
              vpn vpn-id
  vpn-membership policy-name
    default-action action
    sequence number
      match
        vpn vpn-id
        vpn-list list-name
      action
        (accept | reject)
apply-policy
  site-list list-name data-policy policy-name (all | from-service | from-tunnel)
  site-list list-name vpn-membership policy-name

Operational Commands

show running-config