Options for Outbound Policy

Hi Guys,

if you use an Outbound Policy, you can use the source and destination Network and the Port to create a roule. In Some (bigger) szenarios, that’s not enough.

I would be happy if we can use a Wildcard in the Network in front, e.g. x.x.1.50
The next usefull is, if you can use the LAN-Port and the VLAN

Why do we need that:
for VLAN:
If you have a lot of locations and e.g. in every site, the VoIP phones are in VLAN 400, you create a roule in InControl for all in one step.

for LAN-Port:
you connect the e.g. building security system always on LAN-Port 4

Wildcard in front:
Fileserver is in any location x.x.1.50, you can build easy roules for that.



Like the wildcard idea.

Outbound policies are really dynamic routing tables to send LAN traffic to next hop destinations (on the WAN), so LAN side VLAN / LAN port destinations can’t work like you imagine.

I often use spare WAN ports for specific ‘LAN’ services so I can use outbound policies like you are suggesting though. Eg the VoIP VLAN on a WAN port of the balance so that all LAN VLANS can access it but not each others LAN segments.



really only Martin and me got a usecase for that?

best wishes


We also use a vlan for voip,we could use outbound rules that let the source or destination be one of the available lans in the drop down. This would be great so we don’t have to custom match the rule to the new vlan network per device.


+1 on the request for setting Outbound Policy based on the VLAN tagging. I don’t quite understand why Martin thought it was not possible, but if it were possible, it would be super helpful to me.