EasyManua.ls Logo

Siemens SCALANCE W1750D UI - Page 246

Siemens SCALANCE W1750D UI
570 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Roles and Policies
15.1 Firewall Policies
SCALANCE W1750D UI
246 Configuration Manual, 02/2018, C79000-G8976-C451-02
Service Category
Description
Blacklist Select the
Blacklist
check box to blacklist the client when this rule is
triggered. The blacklisting lasts for the duration specified as
Auth fail-
ure blacklist time
on the Blacklisting tab of the
Security
window. For
more information, see Blacklisting Clients (Page 235).
Classify media Select the
Classify media
check box to prioritize video and voice traffic.
When enabled, a packet inspection is performed on all non-NAT traffic
and the traffic is marked as follows:
Video: Priority 5 (Critical)
Voice: Priority 6 (Internetwork Control)
Disable scanning Select
Disable scanning
check box to disable ARM scanning when this
rule is triggered.
The selection of
Disable scanning
applies only if ARM scanning is
enabled.
For more information, see Configuring Radio Settings on
page 258.
DSCP tag Select the
DSCP tag
check box to specify a DSCP value to prioritize
traffic when this rule is triggered. Specify a value within the range of 0
63. To assign a higher priority, specify a higher value.
802.1p priority Select the
802.1p priority
check box to specify an 802.1p priority. Spec-
ify a value between 0 and 7. To assign a higher priority, specify a high-
er value.
6. Click
OK
and then click
Finish
.
In the CLI
To configure access rules:
(scalance)(config)# wlan access-rule <access-rule-name>
(scalance)(Access Rule <Name>)#rule <dest> <mask> <match/invert> {<protocol> <start-
port>
<end-port> {permit|deny|src-nat [vlan <vlan_id>|tunnel]|dst-nat{<IP-address>
<port>|<port>}} [<option1....option9>]
(scalance)(Access Rule <Name>)# end (scalance)# commit apply
Example
(scalance)(config)# wlan access-rule employee
(scalance)(Access Rule "employee")# rule 10.17.88.59 255.255.255.255 match 6 4343
4343 log classify-media
(scalance)(Access Rule "employee")# rule 192.0.2.8 255.255.255.255 invert 6 110 110
permit
(scalance)(Access Rule "employee")# rule 192.0.2.2 255.255.255.0 192.0.2.7
255.255.255.0
match tcp 21 21 deny
(scalance)(Access Rule "employee")# rule 192.0.2.2 255.255.255.0 192.0.2.7
255.255.255.0
match udp 21 21 deny

Table of Contents

Related product manuals