Routing Policies
Routing Policies define traffic classification and routing rules that control how traffic is forwarded across your network. Policies can be scoped globally (applying to all edges) or to specific edges.
Navigate to Network > Routing Policies in the sidebar.
Overview
Stat Cards
| Card | Description |
|---|---|
| Total Policies | Number of routing policies |
| Active Policies | Policies currently enabled |
| Total Rules | Sum of rules across all policies |
| Global Policies | Policies that apply to all edges |
Policies Table
| Column | Description |
|---|---|
| Name | Policy name |
| Scope | Global (applies to all edges) or the specific edge name |
| Priority | Numeric priority (lower = higher precedence), color-coded |
| Rules | Number of rules in the policy |
| Status | Enabled or Disabled |
| Actions | View Details, Validate, Edit, Delete |
Creating a Policy
- Click Create Policy.
- Fill in the policy form:
| Field | Required | Description |
|---|---|---|
| Name | Yes | Descriptive policy name |
| Description | No | Additional context |
| Scope | Yes | Global (all edges) or a specific edge |
| Priority | Yes | Numeric priority for evaluation order |
| Status | Yes | Enabled or Disabled |
| Rules | Yes | One or more routing rules (see below) |
- Click Create to save.
Policy Rules
Each rule within a policy defines matching criteria and a routing action. Rules can match on:
- Application — Select from defined applications
- Protocol — TCP, UDP, ICMP, or any
- Source / Destination — IP addresses or CIDR ranges
- Ports — Source and destination port ranges
Actions
View Details
Click the View button on any policy to open a read-only detail modal showing all rules, their matching criteria, and actions.
Validate
Click Validate to check a policy for configuration errors. The validation result is shown as a toast notification (success or error details).
Sync to Edges
Click Sync to Edges in the page header to push all enabled policies to all online edges. A confirmation dialog shows the action and reports how many edges were successfully synced.
Routing policies are applied via the batch configuration system. Changes to policies must be synced to edges to take effect. The Sync to Edges action triggers a batch push to all applicable edges.
Edit and Delete
- Edit — Opens the policy form with current values pre-filled
- Delete — Removes the policy after confirmation. Policies applied to edges remain in effect until the next sync.
Policy Scope
| Scope | Behavior |
|---|---|
| Global | The policy applies to all edges. It also appears in Device Groups for assignment to VPN app devices. |
| Edge-specific | The policy only applies to the selected edge. It is configured and synced alongside the edge's other configuration. |
Priority
When multiple policies match the same traffic, they are evaluated in priority order (lowest number first). Ensure your most specific policies have the lowest priority numbers.