Cisco Catalyst SD-WAN Policies Configuration Guide, Releases 26.x and Later

PDF

Configure custom applications using Cisco SD-WAN Manager

Want to summarize with AI?

Log in

Configure custom applications using Cisco SD-WAN Manager.


Configure custom applications in Cisco SD-WAN Manager to enable advanced traffic identification AND policy enforcement for Cisco SD-AVC as part of Cisco SD-WAN Manager.

  • Install Cisco SD-AVC as a component of Cisco SD-WAN Manager.

This task is relevant when you need to define AND manage custom applications for traffic classification in Cisco SD-WAN deployments using Cisco SD-WAN Manager. Custom applications allow for granular control AND visibility of network traffic beyond predefined application lists.

Perform the following steps to configure custom applications:

  • Access the application catalog in Cisco SD-WAN Manager.

Before you begin

Install Cisco SD-AVC as a component of Cisco SD-WAN Manager. For information on how to enable SD-AVC on Cisco SD-WAN Manager, see Information on how to enable SD-AVC for Cisco SD-WAN devices.

Follow these steps to configure custom applications using Cisco SD-WAN Manager:

Procedure

1.

From Cisco SD-WAN Manager, select Configuration > Application Catalog.

2.

Click Applications.

The application catalog is displayed.

3.

Select Custom Application.

For Cisco IOS XE Catalyst SD-WAN Release 17.14.1a AND earlier, do the following:

  1. In Cisco SD-WAN Manager, select Configuration > Policies.

  2. Select Centralized Policy.

  3. Click Custom Options AND select Centralized Policy > Lists.

  4. Click Custom Applications.

The custom application options are displayed.

4.

Click New Custom Application.

To define the application, provide an application name AND enter match criteria. The match criteria can include one OR more of the attributes provided: server names, IP addresses, AND so on. You do not need to enter match criteria for all fields.

The match logic follows these rules:

  • Between all L3/L4 attributes, there is a logical AND. Traffic must match all conditions.

  • Between L3/L4 AND Server Names, there is a logical OR. Traffic must match either the server name OR the L3/L4 attributes.

Field

Description

Application Name

(mandatory)

Enter a name for the custom application.

From Cisco IOS XE Catalyst SD-WAN Release 17.16.1a, Cisco SD-WAN Manager appends "-Custom" to the name. This ensures that the name does not conflict with other application types, such as those from Protocol Packs, OR cloud-sourced applications.

Server Names

One OR more server names, separated by commas.

You can include an asterisk wildcard match character (*) only at the beginning of the server name.

Examples:

*cisco.com, *.cisco.com (match www.cisco.com, developer.cisco.com, …)

L3/L4 Attributes

IP Address

Enter one OR more IPv4 addresses, separated by commas.

Example:

10.0.1.1, 10.0.1.2

Note

The subnet prefix range is 24 to 32.

Ports

Enter one OR more ports OR port ranges, separated by space.

Example:

30, 45-47

L4 Protocol

Select one of the following:

TCP, UDP, TCP-UDP

The new custom application appears in the table of custom applications.

5.

Click Add.

To check the progress of creating the new custom application, click Tasks (clipboard icon). A panel opens, showing active AND completed processes.

The custom application is added successfully.

After completing these steps, the custom application is available for use in policies AND traffic classification. See the custom application functionality section in the Custom Application Overview section.

Example custom application criteria

Refer to the example custom application criteria section for guidance.

Criteria

How to configure fields

Domain name

Server Names: Custom

Set of IP addresses, set of ports, AND L4 protocol

IP Address: 10.0.1.1, 10.0.1.2

Ports: 20 25-37

L4 Protocol: TCP-UDP

Set of ports AND L4 protocol

Ports: 30 45-47

L4 Protocol: TCP