beautypg.com

Ip filter configuration - example, Creating a global filter – Brocade Mobility 7131 Access Point Product Reference Guide (Supporting software release 4.4.0.0 and later) User Manual

Page 196

background image

184

Brocade Mobility 7131 Access Point Product Reference Guide

53-1002517-01

5

The screen displays with both the Default Incoming Deny and Default Outgoing Deny
checkboxes selected by default. Consequently, if you enable IP filtering but do not apply
any filters that allow IP traffic, then no IP traffic will be forwarded, as the default deny
settings have precedence.

2. Use the Filter name drop menu to select an existing filter.

3. Set the Direction as Incoming or Outgoing as required.

4. Apply an Action of Allow or Deny to permit or restrict the rules of this filter in the direction

selected.

5. Select Add to apply the filter(s) (and their rules and permissions) to the LAN or WLAN.

6. Click OK add the IP filter to the LAN or WLAN. Navigating away from the screen without clicking

OK results in all changes to the screens being lost.

7. Click Cancel to securely exit the IP Filtering screen without saving your changes.

For additional examples of how to configure IP Filter policies for both an access point
WLAN and LAN, see IP Filter Configuration - Example on page 5-184.

IP Filter Configuration - Example

The following describes how to setup a global filter, apply it to a WLAN or LAN and review statistics
to assess the filter’s configuration.

Creating a Global Filter

A global filter contains IP packet parameters that need to be matched where the filter is applied.
These parameters include protocol number (TCP, ICMP etc.), port range, source IP range and
destination IP range. Though an IP filter can be created using either the access point applet or CLI,
the following example uses the CLI:

admin(network.ipfilter)>add icmp1 ICMP ALL ALL 10.1.1.1 10.1.1.10 11.1.1.1

11.1.1.10

admin(network.ipfilter)>show

-----------------------------------------------------------------------------

--

Idx Name Protocol Port-Start-End SrcIP-Start-End DstIP-Start-End In-Use

See also other documents in the category Brocade Computer Accessories: