Roles and Policies
15.1 Firewall Policies
SCALANCE W1750D UI
254 Configuration Manual, 02/2018, C79000-G8976-C451-02
SCALANCE W now supports an enhanced inbound firewall by allowing the configuration of
firewall rules and management subnets, and restricting corporate access through an uplink
switch.
To allow flexibility in firewall configuration, SCALANCE W supports the following features:
● Inbound firewall rules
● Configurable management subnets
● Restricted corporate access
Configuring Inbound Firewall Rules
You can now configure firewall rules for the inbound traffic coming through the uplink ports of
an AP. The rules defined for the inbound traffic are applied if the destination is not a user
connected to the AP. If the destination already has a user role assigned, the user role
overrides the actions or options specified in the inbound firewall configuration. However, if a
deny rule is defined for the inbound traffic, it is applied irrespective of the destination and
user role. Unlike the ACL rules in a WLAN SSID or a wired profile, the inbound firewall rules
can be configured based on the source subnet.
Note
For all subnets, a deny rule is created by default as the last rule. If at least one rule is
configured, the deny all rule is applied to the upstream traffic by default.
Note
Management access to the AP is allowed irrespective of the inbound firewall rule. For more
information on configuring restricted management access, see Configuring Management
Subnets.
Note
The inbound firewall is not applied to traffic coming through the GRE tunnel.
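The rule behaviour and notes above, modelled as a small Python decision function for reasoning about a planned rule set before it is configured. This is an added illustration, not Siemens code or the device's implementation. Assumptions not stated in the manual: rules are evaluated in order with the first match winning, an empty rule list means the inbound firewall does not filter, and the names Rule, Packet, evaluate and the sample addresses are constructed for this example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    src: str      # source subnet, e.g. "192.0.2.0/24"
    dst: str      # destination subnet
    action: str   # "permit" or "deny"

@dataclass
class Packet:
    src: str
    dst: str
    via_gre: bool = False                 # arrived through the GRE tunnel
    to_ap_mgmt: bool = False              # management access to the AP itself
    dst_user_role: Optional[str] = None   # role of a user connected to the AP

def _match(rule: Rule, pkt: Packet) -> bool:
    return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst))

def evaluate(rules: list, pkt: Packet) -> str:
    if pkt.via_gre:
        return "not-evaluated"    # inbound firewall is not applied to GRE traffic
    if pkt.to_ap_mgmt:
        return "permit"           # management access is allowed irrespective of rules
    if not rules:
        return "not-evaluated"    # assumption: no rules configured, no default deny
    for rule in rules:            # assumption: first matching rule wins
        if not _match(rule, pkt):
            continue
        if rule.action == "deny":
            return "deny"         # deny applies irrespective of destination and role
        if pkt.dst_user_role:
            return "user-role:" + pkt.dst_user_role   # role overrides the rule action
        return rule.action
    return "deny"                 # default last rule: deny all

# Constructed sample rule set (documentation address ranges)
SAMPLE_RULES = [
    Rule("192.0.2.0/24", "10.0.0.0/8", "deny"),
    Rule("198.51.100.0/24", "10.0.0.0/8", "permit"),
]
```

A verdict of "user-role:<name>" means the final decision is left to that role's own access rules, which this model does not evaluate.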
You can configure inbound firewall rules through the SCALANCE W UI or the CLI.