Table of Contents
Advertisement
6 - 34 WiNG 5.7.1 Access Point System Reference Guide
20. Define the following parameters for either the inbound or outbound
Allow
Source and Destination
MAC
Actions
Traffic Class
Precedence
VLAN ID
Figure 6-17 WLAN Security - MAC Firewall Rules screen
Every MAC firewall rule is made up of matching criteria rules. The action defines what to
do with the packet if it matches the specified criteria. The following actions are supported:
• Deny - Instructs the firewall to prohibit a packet from proceeding to its destination.
• Permit - Instructs the firewall to allow a packet to proceed to its destination.
Enter both Source and Destination MAC addresses. The access point uses the source IP
address, destination MAC address as basic matching criteria. Provide a subnet mask if
using a mask.
The following actions are supported:
• Log - Creates a log entry that a Firewall rule has allowed a packet to either be denied
or permitted.
• Mark - Modifies certain fields inside the packet, and then permits them. Therefore,
mark is an action with an implicit permit.
• Mark, Log - Conducts both mark and log functions.
Sets a traffic classification value for the packets identified by this inbound MAC filter.
Traffic classifications are used for QoS purposes. Use the spinner to define a traffic class
in the range 1-10.
Use the spinner control to specify a precedence for this MAC Firewall rule from
1-1500. Access policies with lower precedence are always applied first to packets.
Enter a VLAN ID representative of the shared SSID each user employs to interoperate
within the network (once authenticated by the access point's local RADIUS server). Set the
VLAN form 1 - 4094.
MAC Firewall
Rules:
- Quick Links:
- Accessing the Web Ui
Hide quick links:
Advertisement
Table of Contents
