8 - 16 WiNG 5.6 Access Point System Reference Guide
8.2 Configuring IP Firewall Rules
Security Configuration
Access points use IP based firewalls like Access Control Lists (ACLs) to filter/mark packets based on the IP address from which
they arrive, as opposed to filtering packets on Layer 2 ports.
IP based firewall rules are specific to source and destination IP addresses and the unique rules and precedence orders
assigned. Both IP and non-IP traffic on the same Layer 2 interface can be filtered by applying an IP ACL. Firewall rules are
processed by a firewall supported device from first to last. When a rule matches the network traffic an access point is
processing, the firewall uses that rule's action to determine whether traffic is allowed or denied.
There are separate policy creation mechanisms for IPv4 and IPv6 traffic. With either IPv4 or IPv6, create access rules for traffic
entering an access point interface, because if you are going to deny specific types of packets, it is recommended you do it
before the access point spends time processing them, since access rules are processed before other types of firewall rules.
IPv6 addresses are composed of eight groups of four hexadecimal digits separated by colons.
For more information, see:
• Setting an IPv4 or IPv6 Firewall Policy
• Setting an IP SNMP ACL Policy
8.2.1 Setting an IPv4 or IPv6 Firewall Policy
Configuring IP Firewall Rules
Before defining a firewall configuration, refer to the following deployment guidelines to ensure the configuration is optimally
effective:
To add or edit an IP based Firewall Rule policy:
1. Select Configuration tab from the Web user interface.
2. Select Security.
3. Select IPv4 ACL or IPv6 ACL to display existing IP firewall policies.
NOTE: Once defined, a set of IP firewall rules must be applied to an interface to be a
functional filtering tool.
To Next Page
Loading...
