3Com WX4400 3CRWX440095A User Manual

Page 409

background image

Restricting Client-To-Client Forwarding Among IP-Only Clients

409

Setting 802.11b/g Radios to 802.11b (for Siemens SpectraLink VoIP
Phones only)

If you plan to use Siemens SpectraLink Voice over IP (VoIP) phones, you
must change the MAP radios that will support the phones to operate in
802.11b mode only. This type of phone expects the MAP to operate at
802.11b rates only, not at 802.11g rates. To change a radio to support
802.11b mode only, use the radiotype 11b option with the set ap
command.

Disabling RF Auto-Tuning Before Upgrading a SpectraLink Phone

If you plan to upgrade a SpectraLink phone using TFTP over a MAP, 3Com
recommends that you disable RF Auto-Tuning before you begin the
upgrade. This feature can increase the length of time required for the
upgrade. You can disable RF Auto-Tuning on a radio-profile basis. Use the
following commands:

set radio-profile name auto-tune channel-config disable
set radio-profile
name auto-tune power-config disable

Restricting
Client-To-Client
Forwarding Among
IP-Only Clients

You can use an ACL to restrict clients in a VLAN from communicating
directly at the IP layer. Configure an ACL that has ACEs to permit traffic to
and from the router (gateway), an ACE that denies traffic between all
other addresses within the subnets, and another ACE that allows traffic
that doesn’t match the other ACEs.

AN ACL can restrict IP forwarding but not Layer 2 forwarding. To restrict
Layer 2 forwarding, see “Restricting Layer 2 Forwarding Among Clients”
on page 94.

For example, to restrict client-to-client forwarding within subnet
10.10.11.0/24 in VLAN vlan-1 with router 10.10.11.8, perform the
following steps:

1 Configure an ACE that permits all traffic from the gateway IP address to

any other IP address:

WX1200# set security acl ip c2c permit 10.10.11.8 0.0.0.0

2 Configure an ACE that permits traffic from any IP address to the router IP

address:

WX1200# set security acl ip c2c permit ip 0.0.0.0
255.255.255.255 10.10.11.8 0.0.0.0