Brocade Mobility 7131 Access Point Product Reference Guide (Supporting software release 4.4.0.0 and later) User Manual

186

Brocade Mobility 7131 Access Point Product Reference Guide

53-1002517-01

5

Adding a filter to LAN 1 for outbound traffic results in the inspection of packets at point A. Both
packets out the physical port and wireless transmissions are checked. Adding a filter to WLAN 1 for
inbound traffic results in the inspection of packets at point B. Even though WLAN 2 is on LAN 1, its
packets are unaffected. Adding a filter to WLAN 3 for inbound traffic results in the inspection of
packets at point C.

Default rules must also be set upon enabling IP filtering on a LAN or WLAN. By default, when IP
filtering is enabled, all inbound and outbound traffic is disabled. Default filters are applied when no
other applied filter is matched.

When applying multiple filters, the filter which matches first is applied. In this sense the filter
priority is the order of the list from top to bottom.

Creating a WLAN IP Filter Policy

The following example uses the access point CLI:

admin(network.wireless.wlan.ipfpolicy)>set mode 1 enable

admin(network.wireless.wlan.ipfpolicy)>add 1 icmp1 incoming deny

admin(network.wireless.wlan.ipfpolicy)>show 1

-------------------------------------------------------------------------

Idx Filter-Name Direction Action

-------------------------------------------------------------------------

1 icmp1 incoming deny

IP Filter Mode : enable

Default Incoming Action : allow

Default Outgoing Action : allow

admin(network.wireless.wlan.ipfpolicy)>