Table of Contents
Advertisement
8 - 16 WiNG 5.7.1 Access Point System Reference Guide
8.2 Configuring IP Firewall Rules
Security Configuration
Access points use IP based firewalls like Access Control Lists (ACLs) to filter/mark packets based on the IP address from which
they arrive, as opposed to filtering packets on Layer 2 ports.
IP based firewall rules are specific to source and destination IP addresses and the unique rules and precedence orders
assigned. Both IP and non-IP traffic on the same Layer 2 interface can be filtered by applying an IP ACL. Firewall rules are
processed by a firewall supported device from first to last. When a rule matches the network traffic an access point is
processing, the firewall uses that rule's action to determine whether traffic is allowed or denied.
NOTE: Once defined, a set of IP firewall rules must be applied to an interface to be a
functional filtering tool.
There are separate policy creation mechanisms for IPv4 and IPv6 traffic. With either IPv4 or IPv6, create access rules for traffic
entering an access point interface, because if you are going to deny specific types of packets, it is recommended you do it
before the access point spends time processing them, since access rules are processed before other types of firewall rules.
IPv6 addresses are composed of eight groups of four hexadecimal digits separated by colons.
For more information, see:
•
Setting an IPv4 or IPv6 Firewall Policy
•
Setting an IP SNMP ACL Policy
8.2.1 Setting an IPv4 or IPv6 Firewall Policy
Configuring IP Firewall Rules
Before defining a firewall configuration, refer to the following deployment guidelines to ensure the configuration is optimally
effective:
To add or edit an IP based Firewall Rule policy:
1. Select
Configuration
2. Select Security.
3. Select
IPv4 ACL
tab from the Web user interface.
or
IPv6 ACL
to display existing IP firewall policies.
- Quick Links:
- Accessing the Web Ui
Hide quick links:
Advertisement
Table of Contents
