set correctly security-policy
Hi,
can you please helkp me about how to set correctly security-policy for signaling and media.
I should change security-policy to use network 62.71.13.224/28 instead of 62.71.13.231/31.
I must change only :
local-ip-addr-match 62.71.13.231-----> 62.71.13.224
local-ip-mask 255.255.255.255--->255.255.255.240
sbc11(security-policy)# sh
security-policy
name signaling
network-interface M10:102
priority 1
local-ip-addr-match 62.71.13.231-----> 62.71.13.224?
remote-ip-addr-match 0.0.0.0-->?
local-port-match 5067-->?
remote-port-match 0-->?
trans-protocol-match ALL-->?
direction both-->?
local-ip-mask 255.255.255.255--->255.255.255.240?
remote-ip-mask 0.0.0.0-->?
action allow-->?
options
outbound-sa-fine-grained-mask
local-ip-mask 255.255.255.255-->?
remote-ip-mask 255.255.255.255-->?
local-port-mask 0-->?
remote-port-mask 0-->?
trans-protocol-mask 0-->?
valid enabled-->?
vlan-mask 0xFFF
ike-sainfo-name
selection: 3
SBC22(security-policy)# sh
security-policy
name media
network-interface M10:102
priority 2
local-ip-addr-match 62.71.13.231-----> 62.71.13.224?
remote-ip-addr-match 0.0.0.0-->?
local-port-match 0-->?
remote-port-match 0-->?
trans-protocol-match UDP-->?
direction both-->?
local-ip-mask 255.255.255.255--->255.255.255.240?