port-association-service-add
The Inline Service feature manages service chains for Layer 1 Virtual Wire switches. The term, Inline Services, refers to services attached to a Layer 1 Virtual Wire switch such as Next-Generation Firewall (NGFW), Intrusion Detection System (IDS), Intrusion Prevention System (IPS), and Distributed Denial of Service attack (DDoS) Prevention.
When an Inline Service fails, a policy determines if traffic is allowed to bypass the Inline Services or if the traffic is blocked until the Inline Services recovers.
This command is used to add a port association service.
Syntax port-association-service-add
|
port-association-name name-string |
Displays the name of the port association to apply the service. |
|
switch name-string |
Displays the switch name where the service is located. |
|
inline-service inline-service-name |
Displays the name of the Inline Service. |
|
order number |
Displays a number to designate the order of the service. This is a value between 1 and 65535 |
|
policy-action fail-open|fail-closed |
Displays a policy action when the service fails on the network. |
Defaults None
Access Network Administrator
History Command introduced in Version 2.6.0.
Usage Use this command to add a port association service.
Examples To add a port association service on leaf1, inline-service, NGFW, order 1, and fail-policy fail-open, use the following syntax:
CLI network-admin@switch > port-association-service-add port-association-name CHAIN switch leaf1 inline-service NGFW order 1 fail-policy fail-open