Roles and Policies
15.1 Firewall Policies
SCALANCE W1750D UI
Configuration Manual, 02/2018, C79000-G8976-C451-02
253
Configuring Firewall Settings to Disable Auto Topology Rules
By default, the auto topology rules in an AP are enabled. You can disable the rules by
configuring firewall settings in the AP.
In order to deny auto topology communication outside the AP subnet, the inbound firewall
settings must be enabled.
When the inbound firewall settings are enabled:
● Access Control Entities (ACEs) must be configured to block auto topology messages, as
there is no default rule at the top of predefined ACLs.
● ACEs must be configured to override the guest VLAN auto-expanded ACEs. In other
words, the user-defined ACEs take precedence over the guest VLAN ACEs.
For more information on inbound firewall settings, see Managing Inbound Traffic (Page 254).
Note
The priority of a particular ACE is determined based on the order in which it is programmed.
Ensure that you do not accidentally override the guest VLAN ACEs.
You can change the status of auto topology rules by using the SCALANCE W UI or the CLI:
1. Click the
located directly above the Search bar in the SCALANCE W main
window.
2. Go to the
tab.
3. In
section, select
from the
drop-down list
4. Click
.
(scalance)(config)# firewall
(scalance)(firewall)# disable-auto-topology-rules
(scalance)(firewall)# end
(scalance)# commit apply
To view the configuration status:
Firewall
--------
Type Value
---- -----
Auto topology rules disable
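
The status table above can be checked across several APs after a rollout. The following script is an added example, not part of the manual: it parses saved copies of that table and treats a missing row as a failure. The AP names and the "enable" value in the sample data are constructed assumptions.

```python
# Constructed sample captures of the "Firewall" status table, one per AP.
# AP names and the "enable" value are assumptions made for illustration.
HEADER = "Firewall\n--------\nType Value\n---- -----\n"
SAMPLE_CAPTURES = {
    "ap-floor1": HEADER + "Auto topology rules disable\n",
    "ap-floor2": HEADER + "Auto topology rules      enable\n",
    "ap-lobby": HEADER,  # row missing, e.g. truncated capture
}

SETTING = "Auto topology rules"


def parse_firewall_table(text):
    """Return {type: value}; the value is the last token of each body row."""
    rows = {}
    in_body = False
    for raw in text.splitlines():
        line = raw.strip()
        tokens = line.split()
        # The column ruler ("---- -----") marks the start of the table body.
        if len(tokens) == 2 and all(set(t) == {"-"} for t in tokens):
            in_body = True
            continue
        if in_body and line:
            parts = line.rsplit(None, 1)  # the type name may contain spaces
            if len(parts) == 2:
                rows[parts[0]] = parts[1]
    return rows


def audit(captures):
    """Map AP name -> 'disabled', 'not-disabled' or 'unknown' (fail closed)."""
    result = {}
    for ap, text in captures.items():
        value = parse_firewall_table(text).get(SETTING)
        if value is None:
            result[ap] = "unknown"
        elif value.lower() == "disable":
            result[ap] = "disabled"
        else:
            result[ap] = "not-disabled"
    return result


if __name__ == "__main__":
    for ap, state in audit(SAMPLE_CAPTURES).items():
        print(f"{ap}: auto topology rules {state}")
```

Any AP reported as not-disabled or unknown should be rechecked on the device before relying on the inbound firewall ACEs.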