Table of Contents
Advertisement
Table 17: Filtering rules by filter ID example A
In
Out
Allow
IP/Port
x
x
*.*.*.*:22-23
x
x
[specific IP address, range]
x
x
x
*.*.*.*.
The second example does the opposite of the first example. It allows some specific access and denies
everything else.
Table 18: Filtering rules by filter ID example B
In
Out
Allow
IP/Port
x
x
x
[specific IP address, range]
x
x
*.*.*.*.
Filtering rules for a default filter
After authentication of the wireless device user, the default filter will apply only after:
No match is found for the Exception filter rules.
No filter ID attribute value is returned by the authentication server for this user.
No match is found on the Summit WM Controller for a filter ID value.
The final rule in the default filter should be a catch-all rule for any traffic that did not match a filter. A
final Allow All rule in a default filter will ensure that a packet is not dropped entirely if no other match
can be found. WM-AD Policy is also applicable for Captive Portal and MAC-based authorization.
To define the filtering rules for a default filter:
1 From the main menu, click WM Access Domain Configuration. The WM Access Domain
Configuration page is displayed.
2 In the left pane WM Access Domains list, click the WM-AD you want to define the filtering rules for
a default filter. The Topology tab is displayed.
3 Click the Filtering tab.
Summit WM User Guide, Software Version 5.3
Description
SSH and telnet sessions
Deny all traffic to a specific IP address or address
range
Allow everything else
Description
Allow traffic to a specific IP address or address
range.
Deny everything else.
189
Advertisement
Table of Contents
