Table of Contents
Advertisement
Chapter 14
Configuring Filters
Creating an IP Filter
Follow these steps to create an IP filter:
Step 1
Follow the link path to the IP Filters page.
If you are creating a new filter, make sure <NEW> (the default) is selected in the Create/Edit Filter Index
Step 2
menu. To edit an existing filter, select the filter name from the Create/Edit Filter Index menu.
Step 3
Enter a descriptive name for the new filter in the Filter Name field.
Select Forward all or Block all as the filter's default action from the Default Action menu. The filter's
Step 4
default action must be the opposite of the action for at least one of the addresses in the filter. For
example, if you create a filter containing an IP address, an IP protocol, and an IP port and you select
Block as the action for all of them, you must choose Forward All as the filter's default action.
To filter an IP address, enter an address in the IP Address field.
Step 5
Note
Type the mask for the IP address in the Mask field. Enter the mask with periods separating the groups
Step 6
of characters (112.334.556.778, for example). If you enter 255.255.255.255 as the mask, the bridge
accepts any IP address. If you enter 0.0.0.0, the bridge looks for an exact match with the IP address you
entered in the IP Address field. The mask you enter in this field behaves the same way that a mask
behaves when you enter it in the CLI.
Step 7
Select Forward or Block from the Action menu.
Step 8
Click Add. The address appears in the Filters Classes field. To remove the address from the Filters
Classes list, select it and click Delete Class. Repeat
If you do not need to add IP protocol or IP port elements to the filter, skip to
on the bridge.
Step 9
To filter an IP protocol, select one of the commmon protocols from the IP Protocol drop-down menu, or
select the Custom radio button and enter the number of an existing ACL in the Custom field. Enter an
ACL number from 0 to 255. See
numeric designators.
Select Forward or Block from the Action menu.
Step 10
Click Add. The protocol appears in the Filters Classes field. To remove the protocol from the Filters
Step 11
Classes list, select it and click Delete Class. Repeat
If you do not need to add IP port elements to the filter, skip to
To filter a TCP or UDP port protocol, select one of the commmon port protocols from the TCP Port or
Step 12
UDP Port drop-down menus, or select the Custom radio button and enter the number of an existing
protocol in one of the Custom fields. Enter a protocol number from 0 to 65535. See
"Protocol Filters,"
Step 13
Select Forward or Block from the Action menu.
Step 14
Click Add. The protocol appears in the Filters Classes field. To remove the protocol from the Filters
Classes list, select it and click Delete Class. Repeat
Step 15
When the filter is complete, click Apply. The filter is saved on the bridge, but it is not enabled until you
apply it on the Apply Filters page.
Click the Apply Filters tab to return to the Apply Filters page.
Step 16
OL-4059-01
If you plan to block traffic to all IP addresses except those you specify as allowed, put the
address of your own PC in the list of allowed addresses to avoid losing connectivity to the bridge.
Appendix B, "Protocol Filters,"
for a list of IP port protocols and their numeric designators.
Cisco Aironet 1400 Series Wireless Bridges Software Configuration Guide
Configuring Filters Using the Web-Browser Interface
Step 5
through
Step 8
to add addresses to the filter.
Step 15
for a list of IP protocols and their
Step 9
to
Step 11
to add protocols to the filter.
Step 15
to save the filter on the bridge.
Step 12
to
Step 14
to add protocols to the filter.
Figure 14-4
shows the Apply Filters page.
to save the filter
Appendix B,
14-7
Advertisement
Table of Contents
