set service-profile soda remediation-acl 463
set service-profile
soda
remediation-acl
Specifies an ACL to be applied to a client if it fails the checks performed
by the SODA agent.
Syntax —
set service-profile name soda remediation-acl
acl-name
name — Service profile name.
acl-name — Name of an existing security ACL to use as a remediation
ACL for this service profile. ACL names must start with a letter and are
case-insensitive.
Defaults — None.
Access — Enabled.
History —Introduced in MSS Version 4.2.
Usage — If the SODA agent checks fail on a client, by default the client is
disconnected from the network. Optionally, you can specify a failure page
for the client to load (with the set service-profile soda failure-page
command). When the failure page is loaded, you can optionally specify a
remediation ACL to apply to the client. The remediation ACL can be used
to grant the client limited access to network resources, for example. If
there is no remediation ACL configured, then the client is disconnected
from the network when the failure page is loaded.
This functionality occurs only when the enforce checks option is enabled
for the service profile. The enforce checks option is enabled by default.
Examples — The following command configures the WX to apply acl-1
to a client when it loads the failure page:
WX4400# set service-profile sp1 soda remediation-acl acl-1
success: change accepted.
See Also
display service-profile on page 353
set service-profile soda enforce-checks on page 458
set service-profile soda failure-page on page 459