Custom policy

To define a custom policy, click first on the folder where you need to define the policy and click then on the policy creation button image1.

You will be asked to provide the name of the policy. Confirm then with OK to create the policy.

When you click then on the policy name, you get on the right panel the policy configuration screen where you can insert the rules.

Click now on the “Add” button to introduce a rule in the policy definition.

The parameters for the rule definition are:

  • MAC address

  • Ethernet Type

UBIQUITY VPN supports the virtualization of the data link layer and hence the integrated firewall supports the definition of rules working on Ethernet types even different from IP.

The “Ethernet type” list collects all the protocols commonly used with Ethernet and not only the IP ones on which the common protocols are based.

For instance, the EtherCAT or the Profinet protocols are not IP protocols and they still appear in the list as configurable protocols.

If you select for instance “IP” as Ethernet type, the window is populated accordingly, showing IP address, IP protocol and IP port fields.

At each step the window is populated according to the selection made at the previous step until the rule is completely defined.

Once completed, the rule is shown in the list.

When a policy is evaluated, you always start from the top to reach the bottom. The first rule that matches in this order the Ethernet packet in transit makes the policy applicable.