Outbound policy management in InControl2

Knowledgebase Tips and Tricks
, ,
1

Outbound policy management in InControl2 allows you to upload a configuration file saved from a device, view or optionally change the rules’ schedule, and then apply these policies to one, or multiple devices.

To configure the Outbound Policies:

Configure the outbound policies on the web admin interface of one of your Peplink routers.

When applying rules to sets of devices only WAN connections with matching names (eg WAN 1) will be active.

For example, to apply a rule that forces certain traffic to “WAN 1”, each selected device also needs a WAN connection called “WAN 1”.
For devices without a “WAN 1” the rule will be excluded.

The same logic applies to policies applied to PepVPN profiles.

image
image1009×449 35.5 KB

Download the configuration file from the router containing the Outbound Policies that you want to apply to other Peplink routers in your organization.

image
image1014×388 26.4 KB

In the correct InControl2 organization select: Group settings > Network settings > Outbound Policy.

image
image790×249 17.9 KB

Tick the box to Manage the Outbound policies on Balance and Max devices.

image
image710×269 14.4 KB

Click the “Import Rule Set from Configuration File” button.

image
image719×393 20.5 KB

A window will pop up showing all the Outbound policies available in that configuration file.
This will create a new Outbound Policies Rule Set when saved.
Before saving select the options to enable or disable individual outbound policies.
Select if the rule set should be applied to All Balance and Max devices or a selection of your devices using ‘tags’.

image
image1053×582 31.2 KB

After being saved the rule set will be available from the main Outbound Policy section in InControl2.

image
image1246×334 28.7 KB

This feature is available in InControl since version 2.5.1

4 Likes
3

Hi Erik!

Thanks for detailed information.

Any suggestion when using both SpeedFusion Configuration and Outbound Policy through IC2 and with the need to enforce specific traffic into a PepVPN?

I mean… We have star topology (FusionHub is the hub and BR1s are endpoints). We configured SpeedFusion tunnels using IC2. We also want to use IC2 to configure outbound policies for all the end points to enforce specific traffic into the pepvpn.

The issue is that the Outbound Policy configuration through IC2 asks for the PepVPN tunnel name. But the PepVPN name is automatically/dynamically assigned by the SpeedFusion profile and each tunnel has its own pepvpn name.

Best regards!
Héctor

1 Like
4

Hi Hector,

The PepVPN tunnel name is automatically assigned a default value during creation, but you can change this value under the “Advanced Link Settings” in the PepVPN management wizard.

3 Likes
5

Thanks for your answer James!

Actually, I was looking for even an easiest way :slight_smile: maybe an option to name all the remote tunnels with the same name at once? This way we can add an Outbound Policy Rule Set to send traffic into the PepVPN

I understand that this might sound like a trivial request… but people always want easier :slight_smile: And as Distributor, we need to hear every request.

1 Like
6

What is the policy update time in device once it is saved on InControl2 ?

7

@harikrishna, it should be immediately. Please ensure the WAN name of your outbound policies are matched with the device’s WAN name.

1 Like