6 - 30 WiNG 5.5 Access Point System Reference Guide
15. Save the changes to the new MAC rule, or reset to the last saved configuration as needed.
16. Define the following parameters for
Association ACL
. An Association ACL defines the rules used to allow/deny
association to devices for this wireless LAN. If no Association ACL exists, select the
Create
button to display a new
window where new ACL can be created.
17. Select the
+ Add Row
button.
18. Define the following parameters for
Association ACL
:
19. Set the following
Trust Parameters
:
Source and Destination
MAC
Enter both
Source
and
Destination
MAC addresses. The access point uses the source IP
address, destination MAC address as basic matching criteria. Provide a subnet mask if
using a mask.
Action
The following actions are supported:
•
Log
- Creates a log entry that a Firewall rule has allowed a packet to either be denied
or permitted.
•
Mark
- Modifies certain fields inside the packet, and then permits them. Therefore,
mark is an action with an implicit permit.
•
Mark, Log
- Conducts both mark and log functions.
Precedence
Use the spinner control to specify a precedence for this MAC Firewall rule from
1-1500. Access policies with lower precedence are always applied first to packets.
VLAN ID
Enter a VLAN ID representative of the shared SSID each user employs to interoperate
within the network (once authenticated by the access point’s local RADIUS server). Set the
VLAN form 1 - 4094.
Match 802.1P
Configures IP DSCP to 802.1p priority mapping for untagged frames. Use the spinner
control to define a setting from 0 - 7.
Ethertype
Use the drop-down menu to specify an Ethertype of either
ipv6
,
arp
,
wisp
or
monitor
8021q
. An Ethertype is a two-octet field within an Ethernet frame. It is used to indicate
which protocol is encapsulated in the payload of an Ethernet frame.
Description
Provide a description (up to 64 characters) for this rule to help differentiate it from others
with similar configurations.
Precedence
Enter a numerical value indicating the precedence of rule execution.
Starting MAC Address
Enter a MAC address to define the start of range. This field is mandatory.
Ending MAC Address
Enter a MAC address to define the end of range.
Allow/Deny
Every Association ACL rule consists of matching criteria rules. The action defines what to
do with the device if it matches the specified criteria. The following actions are supported:
•
Deny
- Instructs the Firewall to not to allow the device to associate with this WLAN.
•
Permit
- Instructs the Firewall to allow the device to associate with this WLAN.
ARP Trust
Select this radio button to enable ARP trust on this WLAN. ARP packets received on this
WLAN are considered trusted and information from these packets is used to identify rogue
devices within the network. This setting is disabled by default.
Содержание AP-7131 Series
Страница 1: ...Motorola Solutions WiNG 5 5 ACCESS POINT SYSTEM REFERENCE GUIDE ...
Страница 2: ......
Страница 3: ...MOTOROLA SOLUTIONS WING 5 5 ACCESS POINT SYSTEM REFERENCE GUIDE MN000160A01 Revision A October 2013 ...
Страница 14: ...x WiNG 5 5 Access Point System Reference Guide ...
Страница 22: ...8 WiNG 5 5 Access Point System Reference Guide ...
Страница 26: ...1 4 WiNG 5 5 Access Point System Reference Guide ...
Страница 74: ...3 36 WiNG 5 5 Access Point System Reference Guide ...
Страница 411: ...Device Configuration 5 325 Figure 5 211 Mesh Point Auto Channel Selection Path Method Root Path Metric screen ...
Страница 428: ...6 2 WiNG 5 5 Access Point System Reference Guide Figure 6 1 Configuration Wireless menu ...
Страница 528: ...6 102 WiNG 5 5 Access Point System Reference Guide ...
Страница 610: ...8 40 WiNG 5 5 Access Point System Reference Guide ...
Страница 615: ...Services Configuration 9 5 Figure 9 2 Captive Portal Policy screen Basic Configuration tab ...
Страница 656: ...9 46 WiNG 5 5 Access Point System Reference Guide ...
Страница 670: ...10 14 WiNG 5 5 Access Point System Reference Guide ...
Страница 682: ...11 12 WiNG 5 5 Access Point System Reference Guide ...
Страница 721: ...Operations 12 39 Figure 12 40 Certificate Management Import New Trustpoint screen ...
Страница 738: ...12 56 WiNG 5 5 Access Point System Reference Guide ...
Страница 890: ...A 2 WiNG 5 5 Access Point System Reference Guide ...
Страница 952: ...B 62 WiNG 5 5 Access Point System Reference Guide ...
Страница 953: ......