User Guide

Configuring Firewall Roles and Policies 77
Chapter 8
1. Field: Firewall Policies

   Explanation: This will consist of the policies that will define the privileges of a user in this role. The field called Location is used when a policy is meant to be used only in a particular location. As an example, the administrator can configure access to the HTTP protocol only in conference rooms and lobbies. The location code is in the building.floor.location format. The location code can be a specific AP or a set of APs by using the wildcard value of 0.

   Expected/recommended values: There are three options to add a firewall policy to a user role:
   - Choose from configured policies: Select a policy from the list of configured policies and click the “Done” button to add the policy to the list of policies in the user role. If this policy is to be applied to this user role only for specific locations, the applicable location codes can be entered in the field called “Location”.
   - Create a new policy from configured policy: This option can be used to create a new policy that is derived from an existing policy.
   - Create a new policy: This option is useful in creating a new policy. The rules for the policy can be added as explained in step 1.a.iii above.

2. Field: Re-authentication interval

3. Field: Role Vlan-ID

   Explanation: By default, a user is assigned a VLAN on the basis of the ingress VLAN for the user to the switch. This feature can be used to override this assignment and provide role-based VLANs.

   Expected/recommended values: If this option is required, configure the VLAN ID that is to be assigned to the user role. Note: This VLAN ID needs to be configured with the IP configuration for this to take effect.
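
The following is an added example, not taken from the guide or the product: a small audit helper that lists which APs each location-scoped policy in a role actually reaches under the building.floor.location format. It assumes that 0 acts as a wildcard in any of the three positions and that every AP has a fully specified code; the AP names, policy names and inventory are constructed sample data.

```python
from typing import NamedTuple

class Location(NamedTuple):
    building: int
    floor: int
    location: int

def parse_location(code: str) -> Location:
    """Parse a 'building.floor.location' code; reject malformed input."""
    parts = code.strip().split(".")
    if len(parts) != 3 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"not a building.floor.location code: {code!r}")
    return Location(*(int(p) for p in parts))

def covers(policy_code: str, ap_code: str) -> bool:
    """True if a policy scoped to policy_code applies at the AP at ap_code."""
    policy, ap = parse_location(policy_code), parse_location(ap_code)
    # Assumption: an AP's own code never contains the wildcard value 0.
    if 0 in ap:
        raise ValueError(f"AP location must be fully specified: {ap_code!r}")
    # Assumption: 0 in any position of the policy code matches any value there.
    return all(p == 0 or p == a for p, a in zip(policy, ap))

def audit(role_policies, ap_inventory):
    """Map each (policy name, location code) pair to the APs it reaches."""
    return {
        (name, code): sorted(
            ap for ap, loc in ap_inventory.items() if covers(code, loc)
        )
        for name, code in role_policies
    }

# Constructed sample inventory: AP name -> location code.
AP_INVENTORY = {
    "ap-lobby": "1.1.1",
    "ap-conf-a": "1.2.1",
    "ap-conf-b": "1.2.2",
    "ap-lab": "2.1.1",
}
# Constructed sample role: (policy name, value of the Location field).
ROLE_POLICIES = [
    ("allow-http", "1.2.0"),  # every AP on building 1, floor 2
    ("allow-http", "1.1.1"),  # one specific AP
    ("allow-ssh", "0.0.0"),   # wildcard in every position: all APs
]

if __name__ == "__main__":
    for (name, code), aps in audit(ROLE_POLICIES, AP_INVENTORY).items():
        print(f"{name:12} {code:8} -> {', '.join(aps) or 'no APs'}")
```

Running an audit like this before committing a role makes an over-broad wildcard visible: the constructed `0.0.0` entry reaches every AP in the inventory, not only the conference rooms and lobbies the policy was meant for.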