Summit WM User Guide, Software Version 5.3 189
The second example does the opposite of the first example. It allows some specific access and denies
everything else.
Filtering rules for a default filter
After authentication of the wireless device user, the default filter will apply only after:
z No match is found for the Exception filter rules.
z No filter ID attribute value is returned by the authentication server for this user.
z No match is found on the Summit WM Controller for a filter ID value.
The final rule in the default filter should be a catch-all rule for any traffic that did not match a filter. A
final Allow All rule in a default filter will ensure that a packet is not dropped entirely if no other match
can be found. WM-AD Policy is also applicable for Captive Portal and MAC-based authorization.
To define the filtering rules for a default filter:
1 From the main menu, click WM Access Domain Configuration. The WM Access Domain
Configuration page is displayed.
2 In the left pane WM Access Domains list, click the WM-AD you want to define the filtering rules for
a default filter. The To polog y tab is displayed.
3 Click the Filtering tab.
Table 17: Filtering rules by filter ID example A
In Out Allow IP/Port Description
x x *.*.*.*:22-23 SSH and telnet sessions
x x [specific IP address, range] Deny all traffic to a specific IP address or address
range
x x x *.*.*.*. Allow everything else
Table 18: Filtering rules by filter ID example B
In Out Allow IP/Port Description
x x x [specific IP address, range] Allow traffic to a specific IP address or address
range.
x x *.*.*.*. Deny everything else.
To Next Page
Loading...
