Wi-Fi Isolate Wi-Fi clients
IX20 User Guide
348
n
psk2
n
wpa2:
d. Complete other encryption-related fieldsasappropriate based on the typeof encryption.
See Configure an open Wi-Fi access point, Configure a Wi-Fi access point with personal
security, or Configure a Wi-Fi access point with enterprise security for details.
4. Configure the firewall:
a. Return to the root config prompt by typing three periods(...):
(config network wifi ap new_AP)> ...
(config)>
b. Add a new firewall zonenamed LAN2_isolation_zone. We will be creating LAN2 later in
the procedure.
(config)> add firewall zone LAN2_isolation_zone
(config firewall zone LAN2_isolation_zone)>
c. Create a firewall filter to provide internet accessfor the LAN2_isolation_zone.
i. Return to the root config prompt by typing three periods(...):
(config firewall zone LAN2_isolation_zone)> ...
(config)>
ii. Add the new packet filter:
(config)> add firewall filter end
(config firewall filter 2)>
iii. Set the label for the filter:
(config firewall filter 2)> label "Allow LAN2_isolation_zone to
External"
(config firewall filter 2)>
iv. Set the sourcezoneto LAN2_isolation_zone:
(config firewall filter 2)> src_zone LAN2_isolation_zone
(config firewall filter 2)>
v. Set the destination zone to external:
(config firewall filter 2)> dst_zone external
(config firewall filter 2)>
d. Create a firewall filter to drop traffic from the Internal zone (used by the LAN1 interface)
to the LAN2_isolation_zone:
Firewall filters are applied in the order that they are listed. As a result, in order to drop
traffic from the Internal zone to the LAN2_isolation_zone, thisfilter must be added
before the Allow all outgoing traffic filter, which allowsthe Internal zone to have access
to any zone. In this example, we will add the new to the first position in the list (index
position 0).
To Next Page
Loading...