Configuring Denial Of Service (Dos) Attack Firewall Rules - Motorola RFS Series System Reference Manual
Wireless lan switches wing system
Hide thumbs
Also See for RFS Series:
- Reference manual (948 pages) ,
- Reference manual (506 pages) ,
- Reference manual (1054 pages)
Table of Contents
Advertisement
5. To create a new WLAN Firewall rule configure the following information:
WLAN Index
Broadcast Storm
Threshold
Multicast Storm
Threshold
Unknown Unicast
Storm
Allowed MU denies
per sec
MU Deauthenticate
DHCP Trust
ARP Trust
ARP Rate
6. Refer to the
Status
messages if something goes wrong in the transaction between the applet and the switch.
7. Click
OK
to use the changes to the running configuration and close the dialog.
8. Click
Cancel
6.4.14 Configuring Denial of Service (DoS) Attack Firewall Rules
To review Denial of Service Attack firewall rules:
1. Select
Security
2. Click the
Configuration
3. Click the
DoS Attack
Select a WLAN index number from the pull-down menu. This number is configured
on the wireless LAN configuration page.
Enter the Broadcast Storm Threshold for each interface. When the rate of
broadcast packets exceeds the high threshold configured for an interface, packets
are throttled till the rate falls below the configured rate. Thresholds are configured
in terms of packets per second. The valid threshold range is 0-1000000 packets per
second.
Enter the Multicast Storm Threshold for each interface. When the rate of multicast
packets exceeds the high threshold configured for an interface, packets are
throttled till the rate falls below the configured rate. Thresholds are configured in
terms of packets per second. The valid threshold range is 0-1000000 packets per
second.
Enter the Unknown Unicast Storm Threshold for each interface. When the rate of
unknown unicast packets exceeds the high threshold configured for an interface,
packets are throttled till the rate falls below the configured rate. Thresholds are
configured in terms of packets per second. The threshold range is 0-1000000
packets per second.
Configure the permissible number of denied packets per second that a mobile unit
on this WLAN may send before it is deauthenticated. The threshold range is 0-
1000000 packets per second.
Configure whether or not mobile unit de-authentication is enabled for each
WLAN. If
MU Deauthenticate
the thresholds configured for storm traffic will be deauthenticated. To enable de-
authentication, check the box.
Select to enable DHCP trust on this WLAN. When disabled, any DHCP packets
received on the interface is dropped.
Select to enable ARP trust on this WLAN. ARP packets received on this interface
are considered trusted and information from these packets is used to identify
rogue devices.
Enter the Address Resolution Protocol (ARP) threshold.The ARP threshold
determines the number of ARP packets permissible per second. Rates can be
between 0 and 1000000
field for the state of the requests made from applet. This field displays error
to close the dialog without committing updates to the running configuration.
>
Wireless Firewall
from the main tree menu.
tab.
tab.
is enabled any associated mobile unit which hit
6-43
Switch Security
- Quick Links:
- Accessing the Switch Web Ui
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
