Virtual Network configuration
A31003-W1040-U101-1-7619, July 2006 DRAFT
164 HiPath Wireless Controller, Access Points and Convergence Software V4.0, C10/C100/C1000 User Guide
hwc_vnsconfiguration.fm
Configuring filtering rules for a VNS
7.6.4.2 Filtering rules for an AAA child group VNS
If you defined a child group for an AAA VNS, it will have the same authentication parameters
and filter IDs as the parent VNS. However, you can define different filtering rules for the filters
IDs in the child configuration from those in the parent configuration.
7.6.4.3 Filtering rules between two wireless devices
Traffic from two wireless devices that are on the same VNS and are connected to the same
Wireless AP will pass through the HiPath Wireless Controller and therefore be subject to
filtering policy. You can set up filtering rules that allow each wireless device access to the
default gateway, but also prevent each device from communicating with each other.
Add the following two rules to a filter ID filter, before allowing everything else:
In Out Allow IP / Port Description
x Port 80 (HTTP) on host IP Deny all incoming wireless devices
access to web browsing the host
x Intranet IP 10.3.0.20, ports
10-30
Deny all traffic from the network to the
wireless devices on the port range, such
as TELNET (port 23) or FTP (port 21)
x x Intranet IP 10.3.0.20 Allow all other traffic from the wireless
devices to the Intranet network
x x Intranet IP 10.3.0.20 Allow all other traffic from Intranet network
to wireless devices
x x x *.*.*.*. Allow everything else
Table 12 Default filter example B
In Out Allow IP / Port Description
x x x [Intranet IP] Allow access to the Gateway IP address of the
VNS only
x x [Intranet IP, range] Deny all access to the VNS subnet range (such as
0/24)
x x x *.*.*.*. Allow everything else
Table 13 Rules between two wireless devices
To Next Page
Loading...
Need help?
General
