Siemens SCALANCE W1750D UI Configuration Manual page 245

5. To configure a rule to control access to network services, select Network under service
category and specify the following parameters:
SCALANCE W1750D UI
Configuration Manual, 02/2018, C79000-G8976-C451-02
Service Category: Description

Network: Select a service from the list of available services. You can allow or deny access to any or all of the services based on your requirement:
- any—Access is allowed or denied to all services.
- custom—Available options are TCP, UDP, and Other. If you select the TCP or UDP options, enter appropriate port numbers. If you select the Other option, enter the appropriate ID.
NOTE: If Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) use the same port, ensure that you configure separate access rules to permit or deny access.

Action: Select any of the following actions:
- Select Allow to allow access to users based on the access rule.
- Select Deny to deny access to users based on the access rule.
- Select Destination-NAT to allow making changes to the destination IP address.
- Select Source-NAT to allow making changes to the source IP address.
- Default: All client traffic is directed to the default VLAN.
- Tunnel: The traffic from the Network Assigned clients is directed to the VPN tunnel.
- VLAN: Specify the non-default VLAN ID to which the guest traffic needs to be redirected.

Destination: Select a destination option for the access rules for network services, applications, and application categories. You can allow or deny access to any of the following destinations based on your requirements:
- to all destinations—Access is allowed or denied to all destinations.
- to a particular server—Access is allowed or denied to a particular server. After selecting this option, specify the IP address of the destination server.
- except to a particular server—Access is allowed or denied to servers other than the specified server. After selecting this option, specify the IP address of the destination server.
- to a network—Access is allowed or denied to a network. After selecting this option, specify the IP address and netmask for the destination network.
- except to a network—Access is allowed or denied to networks other than the specified network. After selecting this option, specify the IP address and netmask of the destination network.
- to domain name—Access is allowed or denied to the specified domains. After selecting this option, specify the domain name in the Domain Name text box.

Log: Select the Log check box if you want a log entry to be created when this rule is triggered. SCALANCE W supports firewall-based logging. Firewall logs on the APs are generated as security logs.
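
The following Python sketch is an added example, not code from the manual or from the device. It models the server and network destination options above and flags ports that have a rule for only one of TCP and UDP, the case the NOTE warns about. The Rule fields, function names, and addresses are assumptions made for illustration, and the domain name option is left out.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    protocol: str   # "tcp", "udp", or "any" (the "any" service option)
    port: int       # ignored when protocol is "any"
    action: str     # "allow" or "deny"
    dest_kind: str  # "all", "server", "except-server", "network", "except-network"
    dest: str = ""  # IP address, or "address/netmask" for the network kinds

def dest_matches(rule, ip):
    """Apply the destination option of one rule to a destination IP."""
    addr = ipaddress.ip_address(ip)
    if rule.dest_kind == "all":
        return True
    if rule.dest_kind.endswith("server"):
        hit = addr == ipaddress.ip_address(rule.dest)
    else:
        hit = addr in ipaddress.ip_network(rule.dest)
    # The "except" options invert the comparison.
    return hit != rule.dest_kind.startswith("except")

def rule_matches(rule, protocol, port, ip):
    """True if the rule applies to this protocol, port, and destination."""
    if rule.protocol != "any" and (rule.protocol, rule.port) != (protocol, port):
        return False
    return dest_matches(rule, ip)

def missing_transport_rules(rules, dual_ports):
    """List (port, protocol) pairs where a port in dual_ports has an explicit
    rule for only one of TCP/UDP, so the other transport is not covered."""
    covered = {(r.protocol, r.port) for r in rules}
    missing = []
    for port in sorted(dual_ports):
        have = [p for p in ("tcp", "udp") if (p, port) in covered]
        if len(have) == 1:
            missing.append((port, "udp" if have[0] == "tcp" else "tcp"))
    return missing

# Constructed sample rule set (addresses are placeholders).
RULES = [
    Rule("udp", 53, "allow", "server", "10.0.0.53"),
    Rule("tcp", 443, "deny", "except-network", "10.0.0.0/255.255.255.0"),
]

if __name__ == "__main__":
    print(rule_matches(RULES[0], "tcp", 53, "10.0.0.53"))
    print(missing_transport_rules(RULES, {53}))
```

Pass as dual_ports only the ports that you know carry both transports in your network, such as DNS on port 53.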
Roles and Policies
15.1 Firewall Policies
245
