Device Configuration 5 - 229
Use the
Inbound MAC Firewall Rules
drop-down menus to select the firewall rules to apply to this profile’s Ethernet port
configuration. The firewall inspects MAC traffic flows and detects attacks typically not visible to traditional wired firewall
appliances.
Use the
IPv4 Inbound Firewall Rules
drop-down menu to select the IPv4 specific firewall rules to apply to this profile’s
Ethernet port configuration. IPv4 is a connection less protocol for packet switched networking. IPv4 operates as a best effort
delivery method, as it does not guarantee delivery, and does not ensure proper sequencing or duplicate delivery (unlike
(TCP). IPv4 hosts can use link local addressing to provide local connectivity.
Use the
IPv6 Inbound Firewall Rules
drop-down menu to select the IPv6 specific firewall rules to apply to this profile’s
Ethernet port configuration. IPv6 is the latest revision of the
Internet Protocol
(IP) designed to replace IPv4. IPV6 provides
enhanced identification and location information for computers on networks routing traffic across the Internet. IPv6
addresses are composed of eight groups of four hexadecimal digits separated by colons.
If a firewall rule does not exist suiting the data protection needs of the target port channel configuration, select the
Create
icon to define a new rule configuration or the
Edit
icon to modify an existing firewall rule configuration.
16. If a firewall rule does not exist suiting the data protection needs of the target port configuration, select the
Create
icon to
define a new rule configuration. For more information, see
Wireless Firewall on page 8-2
.
17. Refer to the
Trust
field to define the following:
18. Refer to the
802.1X Settings
field to define the following:
Trust ARP Responses
Select this option to enable ARP trust on this port. ARP packets received on this port
are considered trusted and information from these packets is used to identify rogue
devices within the network. The default value is disabled.
Trust DHCP Responses
Select this option to enable DHCP trust on this port. If enabled, only DHCP responses
are trusted and forwarded on this port, and a DHCP server can be connected only to a
DHCP trusted port. The default value is enabled.
ARP header Mismatch
Validation
Select this option to enable a mismatch check for the source MAC in both the ARP and
Ethernet header. The default value is enabled.
Trust 802.1p COS values
Select this option to enable 802.1p COS values on this port. The default value is
enabled.
Trust IP DSCP
Select this option to enable IP DSCP values on this port. The default value is enabled.
NOTE:
Some vendor solutions with VRRP enabled send ARP packets with Ethernet
SMAC as a physical MAC and inner ARP SMAC as VRRP MAC. If this configuration is
enabled, a packet is allowed, despite a conflict existing.
Host Mode
Select the port mode for 802.1X authentication. Select
single-host
to bridge traffic from
a single authenticated host. Select
multi-host
to bridge traffic from any host to this port.
Guest VLAN
Set the Guest VLAN on which traffic is bridged from a wired port when the selected
port is considered unauthorized.
Summary of Contents for WiNG 5.6
Page 1: ...Motorola Solutions WiNG 5 6 ACCESS POINT SYSTEM REFERENCE GUIDE ...
Page 2: ......
Page 22: ...8 WiNG 5 6 Access Point System Reference Guide ...
Page 26: ...1 4 WiNG 5 6 Access Point System Reference Guide ...
Page 38: ...2 12 WiNG 5 6 Access Point System Reference Guide ...
Page 74: ...3 36 WiNG 5 6 Access Point System Reference Guide ...
Page 468: ...6 2 WiNG 5 6 Access Point System Reference Guide Figure 6 1 Configuration Wireless menu ...
Page 568: ...6 102 WiNG 5 6 Access Point System Reference Guide ...
Page 614: ...7 46 WiNG 5 6 Access Point System Reference Guide ...
Page 660: ...8 46 WiNG 5 6 Access Point System Reference Guide ...
Page 716: ...9 56 WiNG 5 6 Access Point System Reference Guide ...
Page 730: ...10 14 WiNG 5 6 Access Point System Reference Guide ...
Page 982: ...14 20 WiNG 5 6 Access Point System Reference Guide ...
Page 984: ...A 2 WiNG 5 6 Access Point System Reference Guide ...
Page 1046: ...B 62 WiNG 5 6 Access Point System Reference Guide ...
Page 1047: ......