Configuring firewall settings, Configuring, Firewall settings – Brocade Mobility 5181 Access Point Product Reference Guide (Supporting software release 4.4.0.0) User Manual

146

Brocade Mobility 5181 Access Point Product Reference Guide

53-1002516-01

Configuring firewall settings

6

8. Configure the Fast Roaming (802.1x only) field as required to enable additional Mobility 5181

Access Point roaming and key caching options. This feature is applicable only when using
802.1x EAP authentication with WPA2/CCMP.

NOTE

PMK key caching is enabled internally by default when 802.1x EAP authentication is enabled.

9. Click the Apply button to save any changes made within this New Security Policy screen.

10. Click the Cancel button to undo any changes made within the WPA2/CCMP Settings field and

return to the WLAN screen. This reverts all settings to the last saved configuration.

Configuring firewall settings

The Mobility 5181 Access Point's firewall is a set of related programs located in the gateway on the
WAN side of the Mobility 5181 Access Point. The firewall uses a collection of filters to screen
information packets for known types of system attacks. Some of the Mobility 5181 Access Point's
filters are continuously enabled, others are configurable.

Use the Mobility 5181 Access Point’s Firewall screen to enable or disable the configurable firewall
filters. Enable each filter for maximum security. Disable a filter if the corresponding attack does not
seem a threat in order to reduce processor overhead. Use the WLAN Security screens (WEP,
Kerberos etc.) as required for setting user authentication and data encryption parameters.

To configure the Mobility 5181 Access Point firewall settings:

1. Select Network Configuration -> Firewall from the Mobility 5181 Access Point menu tree.

2. Refer to the Global Firewall Disable field to enable or disable the Mobility 5181 Access Point

firewall.

3. Refer to the Timeout Configuration field to define a timeout interval to terminate IP address

translations.

Pre-Authentication

Selecting this option enables an associated Client to carry out an
802.1x authentication with another Mobility 5181 Access Point
before it roams to it. The Mobility 5181 Access Point caches the
keying information of the client until it roams to the other Mobility
5181 Access Point. This enables the roaming client to start
sending and receiving data sooner by not having to do 802.1x
authentication after it roams. This feature is only supported when
802.1x EAP authentication is enabled.

Disable Firewall

Select the Disable Firewall checkbox to disable all firewall
functions on the Mobility 5181 Access Point. This includes firewall
filters, NAT, VP, content filtering, and subnet access. Disabling the
Mobility 5181 Access Point firewall makes the Mobility 5181
Access Point vulnerable to data attacks and is not recommended
during normal operation if using the WAN port.