Manualshelf

User's Manual Part 3

ManualsBrandsCascade Networks ManualsElectronicsMotorola Canopy compatible Wireless Internet Acces
81828384858687888990
Release8OperationsGuide
Issue2,November2007 Draft5forRegula toryReview 384
The following are example situations in which you can configure protocol filtering where
NAT is disabled:
If you block a subscriber from only PPoE and SNMP, then the subscriber retains
access to all other protocols and all ports.
If you block PPoE, IPv4, and Uplink Broadcast, and you also check the
All others selection, then only Address Resolution Protocol is not filtered.
The ports that are filtered as a result of protocol selections in the Protocol Filtering tab of
the SM are listed in Table 54. Further information is provided under Protocol Filtering Tab
of the SM on Page 292.
Table 54: Ports filtered per protocol selections
Protocol
Selected
Port Filtered (Blocked)
SMB
Destination Ports 137 TCP and UDP,
138 UDP, 139 TCP, 445 TCP
SNMP
Destination Ports 161 TCP and UDP,
162 TCP and UDP
Bootp Client Source Port 68 UDP
Bootp Server Source Port 67 UDP
22.6 ENCRYPTINGDOWNLINKBROADCASTS
An AP can be enabled to encrypt downlink broadcast packets such as the following:
ARP
NetBIOS
broadcast packets containing video data on UDP.
The encryption used is DES for a DES module, and AES for an AES module. Before the
Encrypt Downlink Broadcast feature is enabled on the AP, air link security should be
enabled on the AP.
22.7 ISOLATINGSMs
In the Release 8 or later AP, you can prevent SMs in the sector from directly
communicating with each other. In CMMmicro Release 2.2 or later, you can prevent
connected APs from directly communicating with each other, which prevents SMs that
are in different sectors of a cluster from communicating with each other.
In the AP, the SM Isolation parameter is available in the General tab of the Configuration
web page. In the drop-down menu for that parameter, you can configure the SM Isolation
feature by any of the following selections:
Disable SM Isolation (the default selection). This allows full communication
between SMs.
Block SM Packets from being forwarded. This prevents both
multicast/broadcast and unicast SM-to-SM communication.