Brocade Mobility Access Point System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Brocade Mobility Access Point System Reference Guide

545

53-1003100-01

8

FIGURE 6

WLAN Security - IP Firewall Rules - Edit Rule screen

Click the icon within the Description column (top right-hand side of the screen) and select IP filter
values as needed to add criteria into the configuration of the IP ACL.

FIGURE 7

WLAN Security - IP Firewall Rules - IP Firewall Rules Add Criteria screen

NOTE

Only those selected IP ACL filter attributes display. Each value can have its current settings adjusted
by selecting that IP ACL’s column to display a pop-up to adjust that one value.

5. Define the following parameters for the IP Firewall Rule:Select Add as needed to add additional

Precedence

Specify or modify a precedence for this IP policy between 1-1500. Rules with lower precedence are
always applied to packets first. If modifying a precedence to apply a higher integer, it will move
down the table to reflect its lower priority.

Action

Every IP firewall rule is made up of matching criteria rules. The action defines what to do with the
packet if it matches the specified criteria. The following actions are supported:

•

Deny - Instructs the firewall to prohibit a packet from proceeding to its destination.

•

Allow - Instructs the firewall to allow a packet to proceed to its destination.

Source

Select the source for creating the ACL. Source options include:

•

Any – Indicates any host device in any network.

•

Network – Indicates all hosts in a particular network. Subnet mask information has to be
provided for filtering based on network.

•

Host – Indicates a single host with a specific IP address.

•

Alias – Indicates a collection of IP addresses or hostnames or IP address ranges which are
configured as a single unit. This is for ease of configuration of ACLs. When selected, all IP
addresses or hostnames or IP address ranges are used in this ACL.

Destination

Select the destination for creating the ACL. Destination options include:

•

Any – Indicates any host device in any network.

•

Network – Indicates all hosts in a particular network. Subnet mask information has to be
provided for filtering based on network.

•

Host – Indicates a single host with a specific IP address.

•

Alias – Indicates a collection of IP addresses or hostnames or IP address ranges which are
configured as a single unit. This is for ease of configuration of ACLs. When selected, all IP
addresses or hostnames or IP address ranges are used in this ACL.