Black Box LWN602A User Manual page 115

Smartpath enterprise wireless system

Hide thumbs Also See for LWN602A:

User manual (196 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

Table of Contents

NOTE: If you need to rearrange a set of policy rules, select the checkbox to the left of a rule, and then click the Up and Down

buttons on the right to move the selected rule to a new position.

The rules in this policy allow clients to access a DHCP and DNS server to get their network settings and resolve DNS queries so

that they can access the captive web portal. They deny traffic to all private IP address spaces, thus blocking access to the internal

network. Rules 7–9 allow HTTP and HTTPS traffic so that guests can browse the public network and they allow IKE and NAT-T

traffic so that they can make VPN connections back to their corporate sites. Finally, Rule 10 logs all outgoing packets that

SmartPath APs drop because the firewall blocked them.

To save the firewall policy and close the dialog box, click "Save."

NOTE: You do not have to create a policy to control incoming traffic because you will set the default action to deny all incoming

and outgoing traffic not specified in any of the policy rules.

User Profile

A user profile contains the rate control and queuing QoS settings, VLAN, firewall policies, tunnel policy, and schedules that you

want the SmartPath AP to apply to traffic from certain users. Because the SSID in this example uses a preshared key for user

authentication, you can assign a single user profile to it.* The SmartPath AP then applies the various settings in the user profile to

all traffic on this SSID.

*An SSID using a preshared key supports a single user profile. An SSID using 802.1X authentication can support multiple user

profiles.

To define a user profile so that SmartPath APs can apply the appropriate QoS settings, VLAN, and firewall policies to all traffic on

that SSID, click Configuration > User Profiles > New, enter the following, leave the other settings as they are, and then click Save:

Name: Self-reg-guests(3)

The number 3 is included as part of the user profile name so that you can easily know its attribute number when looking

at the user profile name.

Attribute Number: 3

You must enter an attribute number that is unique for the WLAN policy to which the user profile is attached. Although

you can define different user profiles with the same attribute number in SmartPath EMS, the attribute number must be

unique for each user profile that appears in the same WLAN policy. You can set an attribute number between 1 and

4095. (The default user profile "default-profile", which cannot be deleted, uses attribute 0.)

Chapter 9: Common Configuration Examples

Figure 9-15. Firewall policy rules.

724-746-5500 | blackbox.com

Page 115

Table of Contents

Chapters

Table of Contents

This manual is also suitable for:

Lwn602ae Lwn602ha Lwn602hae

Black Box LWN602A User Manual page 115

Chapters

Related Manuals for Black Box LWN602A

Related Products for Black Box LWN602A

This manual is also suitable for:

Table of Contents