Creating Network-level (Layer-4) policies for Service Tunnels

  • Updated on Jun 06, 2022

Banyan policies for service tunnels provide Network-level (Layer-4) access controls, so you can allow or deny access down to specific protocols, CIDRs, and ports.

To set up Network-level controls, navigate to Secure Access > Policies > + Create Policy and create a Tunnel Policy.

Enter a Policy Name and a Description.

Then define your policy by configuring Access Group 1 according to Trust Level, Role, allowed Protocol, CIDR ranges, and Ports.

Note that, by default, the above parameters define Allow access. If you wish to deny access, select Add exceptions (DENY rules) for Protocols, CIDRs, and Ports, and configure the exceptions within these parameters.

If you want to define an additional Access Group, select + New Access Group.

Once you’ve defined your policy’s rules and access groups, click on Create Policy to save it.
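Before saving, it helps to test the flows you expect to pass or fail against the allow parameters and DENY exceptions you plan to enter. The sketch below is an added illustration, not Banyan's code or policy schema: the field names, the matching semantics (a rule matches when all of its fields match, and a missing field matches anything), and the default-deny fallthrough are assumptions, and the sample access group is constructed.

```python
import ipaddress

def _port_ok(port, specs):
    """True if port is covered by a spec such as "443", "8000-8100" or "*"."""
    for spec in specs:
        if spec == "*":
            return True
        lo, _, hi = spec.partition("-")
        if int(lo) <= port <= int(hi or lo):
            return True
    return False

def _rule_matches(rule, proto, dst_ip, port):
    # Assumption: protocol, CIDR and port must all match for the rule to apply;
    # a field left out of the rule matches anything (IPv4 only for CIDRs).
    addr = ipaddress.ip_address(dst_ip)
    protos = rule.get("protocols", ["ALL"])
    cidrs = rule.get("cidrs", ["0.0.0.0/0"])
    ports = rule.get("ports", ["*"])
    return (
        ("ALL" in protos or proto.upper() in protos)
        and any(addr in ipaddress.ip_network(c) for c in cidrs)
        and _port_ok(port, ports)
    )

def evaluate(group, proto, dst_ip, port):
    """Return "ALLOW" or "DENY" for one flow against one access group."""
    if any(_rule_matches(r, proto, dst_ip, port) for r in group.get("deny", [])):
        return "DENY"   # a DENY exception overrides the allow parameters
    if any(_rule_matches(r, proto, dst_ip, port) for r in group.get("allow", [])):
        return "ALLOW"
    return "DENY"       # assumed: anything not explicitly allowed is denied

# Constructed sample access group (hypothetical field names and values).
ACCESS_GROUP_1 = {
    "allow": [{"protocols": ["TCP"], "cidrs": ["10.10.0.0/16"],
               "ports": ["443", "8000-8100"]}],
    "deny": [
        {"cidrs": ["10.10.5.0/24"]},               # exception: a subnet inside the range
        {"protocols": ["TCP"], "ports": ["8080"]}, # exception: one port inside the range
    ],
}

if __name__ == "__main__":
    for flow in [("TCP", "10.10.1.20", 443), ("TCP", "10.10.5.7", 443),
                 ("TCP", "10.10.1.20", 8080), ("UDP", "10.10.1.20", 443)]:
        print(flow, evaluate(ACCESS_GROUP_1, *flow))
```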