Wireless Configuration
6-25
10.Define the following parameters for either the inbound or outbound MAC Firewall Rules:
11.Save the changes to the new MAC rule or reset to the last saved configuration as needed.
12.Set the following Trust Parameters:
Allow Every IP Firewall rule is made up of matching criteria rules. The action
defines what to do with the packet if it matches the specified criteria. The
following actions are supported:
Deny— Instructs the Firewall to not to allow a packet to proceed to its
destination.
Permit—Instructs the Firewall to allows a packet to proceed to its
destination.
Source and
Destination MAC
Enter both Source and Destination MAC addresses. The wireless
controller uses the source IP address, destination MAC address as basic
matching criteria. Provide a subnet mask if using a mask.
Action The following actions are supported:
Log—Creates a log entry that a Firewall rule has allowed a packet to either
be denied or permitted.
Mark—Modifies certain fields inside the packet and then permits them.
Therefore, mark is an action with an implicit permit.
Mark, Log — Conducts both mark and log functions.
Precedence Use the spinner control to specify a precedence for this MAC Firewall rule
between 1-1500. Access policies with lower precedence are always
applied first to packets.
VLAN ID Enter a VLAN ID representative of the shared SSID each user employs to
interoperate within the network (once authenticated by the local RADIUS
server). The VLAN ID can be between1 and 4094.
Match 802.1P Configures IP DSCP to 802.1p priority mapping for untagged frames. Use
the spinner control to define a setting between 0-7.
Ethertype Use the drop-down menu to specify an Ethertype of either ipv6, arp, wisp,
monitor 8021q. An EtherType is a two-octet field within an Ethernet frame.
It is used to indicate which protocol is encapsulated in the payload of an
Ethernet frame.
Description Provide a description (up to 64 characters) for the rule to help differentiate
the it from others with similar configurations.
ARP Trust Select the radio button to enable ARP Trust on this WLAN. ARP packets
received on this WLAN are considered trusted and information from these
packets is used to identify rogue devices within the network. This setting
is disabled by default.
DHCP Trust Select the radio button to enable DHCP trust on this WLAN. This setting is
disabled by default.
To Next Page
Loading...
