Wireless Configuration
6-25
10.Define the following parameters for either the inbound or outbound MAC Firewall Rules:
11.Save the changes to the new MAC rule or reset to the last saved configuration as needed.
12.Set the following
Trust Parameters
:
Allow
Every IP Firewall rule is made up of matching criteria rules. The action
defines what to do with the packet if it matches the specified criteria. The
following actions are supported:
Deny
— Instructs the Firewall to not to allow a packet to proceed to its
destination.
Permit
—Instructs the Firewall to allows a packet to proceed to its
destination.
Source and
Destination MAC
Enter both
Source
and
Destination
MAC addresses. The wireless
controller uses the source IP address, destination MAC address as basic
matching criteria. Provide a subnet mask if using a mask.
Action
The following actions are supported:
Log
—Creates a log entry that a Firewall rule has allowed a packet to either
be denied or permitted.
Mark
—Modifies certain fields inside the packet and then permits them.
Therefore, mark is an action with an implicit permit.
Mark, Log
— Conducts both mark and log functions.
Precedence
Use the spinner control to specify a precedence for this MAC Firewall rule
between 1-1500. Access policies with lower precedence are always
applied first to packets.
VLAN ID
Enter a VLAN ID representative of the shared SSID each user employs to
interoperate within the network (once authenticated by the local RADIUS
server). The VLAN ID can be between1 and 4094.
Match 802.1P
Configures IP DSCP to 802.1p priority mapping for untagged frames. Use
the spinner control to define a setting between 0-7.
Ethertype
Use the drop-down menu to specify an Ethertype of either ipv6, arp, wisp,
monitor 8021q. An EtherType is a two-octet field within an Ethernet frame.
It is used to indicate which protocol is encapsulated in the payload of an
Ethernet frame.
Description
Provide a description (up to 64 characters) for the rule to help differentiate
the it from others with similar configurations.
ARP Trust
Select the radio button to enable ARP Trust on this WLAN. ARP packets
received on this WLAN are considered trusted and information from these
packets is used to identify rogue devices within the network. This setting
is disabled by default.
DHCP Trust
Select the radio button to enable DHCP trust on this WLAN. This setting is
disabled by default.
Содержание AP-6511
Страница 1: ...Motorola Solutions AP 6511 Access Point System Reference Guide ...
Страница 2: ...Motorola Solutions AP 6511 Access Point System Reference Guide 1 2 ...
Страница 24: ...Motorola Solutions AP 6511 Access Point System Reference Guide 2 12 ...
Страница 136: ...Motorola Solutions AP 6511 Access Point System Reference Guide 6 2 Figure 6 1 Configuration Wireless field ...
Страница 318: ...Motorola Solutions AP 6511 Access Point System Reference Guide 10 16 ...
Страница 409: ...Statistics 13 49 Figure 13 31 Access Point Firewall Packet Flow screen ...
Страница 433: ......