EasyManua.ls Logo

Alcatel-Lucent AOS-W 6.5.3.x - Page 150

Alcatel-Lucent AOS-W 6.5.3.x
1160 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Authentication Method Supported for IPv6 Clients?
VPN No
xSec No (not tested)
MAC-based Yes
You configure 802.1X authentication for IPv6 clients in the same way as for IPv4 client configurations. For
more information about configuring 802.1X authentication on the switch, see 802.1X Authentication on page
259.
This release does not support authentication of management users on IPv6 clients.
Working with Firewall Features
If you installed a Policy Enforcement Firewall Next Generation (PEFNG) license in the switch, you can configure
firewall functions for IPv6 client traffic. While these firewall functions are identical to firewall functions for IPv4
clients, you need to explicitly configure them for IPv6 traffic. For more information about firewall policies, see
Understanding Global Firewall Parameters on page 393.
Voice-related and NAT firewall functions are not supported for IPv6 traffic.
Parameter Description
Monitor Ping Attack (per
30 seconds)
Number of ICMP pings per 30 second, which if exceeded, can indicate a denial of
service attack. Valid range is 1-16384 pings per 30 seconds.
Recommended value is 120.
Default: No default
Monitor TCP SYN Attack
rate (per 30 seconds)
Number of TCP SYN messages per 30 second, which if exceeded, can indicate a
denial of service attack. Valid range is 1-16384 pings per 30 seconds.
Recommended value is 960.
Default: No default
Monitor IP Session Attack
(per 30 seconds)
Number of TCP or UDP connection requests per 30 second, which if exceeded, can
indicate a denial of service attack. Valid range is 1-16384 requests per 30 seconds.
Recommended value is 960.
Default: No default
Deny Inter User Bridging Prevents the forwarding of Layer-2 traffic between wired or wireless users. You can
configure user role policies that prevent Layer-3 traffic between users or networks
but this does not block Layer-2 traffic. This option can be used to prevent traffic,
such as Appletalk or IPX, from being forwarded.
Default: Disabled
Deny All IP Fragments Drops all IP fragments.
NOTE: Do not enable this option unless instructed to do so by an Alcatel-Lucent
representative.
Default: Disabled
Table 38: IPv6 Firewall Parameters
AOS-W 6.5.3.x | User Guide IPv6 Support | 150

Table of Contents