Configuring Ip Filtering - Motorola AP-51 Series Product Reference Manual

5. If the MD5 authentication method is selected, fill in the
Enter any numeric value between 0 and 256 into the
of up to 16 alphanumeric characters in the
6. Click the OK
changes.

5.6 Configuring IP Filtering

Use the access point's IP filtering functionality to determine which IP packets are processed normally
by the access point and which are discarded. If discarded, a packet is deleted and ignored (as if never
received). The allow/deny mechanism used by IP filtering makes it similar to an access control list
(ACL).
IP filtering supports the creation of up to 18 filter rules enforced at layer 3. Once defined (using the
access point's SNMP, GUI or CLI), filtering rules can be enforced on the access point's LAN1 or LAN2
interfaces and within any of the 16 access point WLANs. An additional default action is also available
denying traffic when filter rules fail. Lastly, imported and exported configurations retain their defined
IP filtering configurations.
IP filtering is a network layer facility. The IP filtering mechanism does not know anything about the
application using the network connections, only the connections themselves. For example, you can
deny user access to an internal network on the default telnet port, but if you rely on IP filtering alone,
you cannot stop people from using the telnet program with a port you allow to pass through your
firewall.
There are a couple of important rules a packet adheres to when its compared with the filter policy list:
• Packets are always filtered in sequential order (filtering always begins with the first filter
policy displayed in the
screen is invoked for LANs within the LAN1 or LAN2 screen and for WLANs within the New
WLAN or Edit WLAN screen. It's from this screen that allow or deny designations are set for
IP filtering.
• Packets are compared with lines of the filter policy list until a match is made. Once a packet
matches a line of the list, it's acted upon, and no further comparisons take place. If inspected
packets are determined to not be IP packets, it permitted by the access point for its inbound
or outbound destination.
Once you create a filter policy, apply it to an interface in either an incoming or outgoing direction.
button to return to the Router screen. From there, click
IP Filtering screen, then the second, third, and so on). The IP Filtering
Key #1 field (Key #2 is optional).
MD5 ID area. Enter a string consisting
MD5 Auth Key area.
Network Management
Apply to save the
5-75