Installation guide

Switch Security 6-41
5. To create a new WLAN Firewall rule, configure the following information:
6. Refer to the Status field for the state of the requests made from the applet. This field displays error messages if something goes wrong in the transaction between the applet and the switch.
7. Click OK to use the changes to the running configuration and close the dialog.
8. Click Cancel to close the dialog without committing updates to the running configuration.
6.4.13 Configuring Denial of Service (DoS) Attack Firewall Rules
To review Denial of Service Attack firewall rules:
1. Select Security > Wireless Firewall from the main tree menu.
WLAN Index: Select a WLAN index number from the drop-down menu. This number is configured on the wireless LAN configuration page.

Broadcast Storm Threshold: Enter the Broadcast Storm Threshold for each interface. When the rate of broadcast packets exceeds the high threshold configured for an interface, packets are throttled until the rate falls below the configured rate. Thresholds are configured in terms of packets per second. The valid threshold range is 0-1000000 packets per second.

Multicast Storm Threshold: Enter the Multicast Storm Threshold for each interface. When the rate of multicast packets exceeds the high threshold configured for an interface, packets are throttled until the rate falls below the configured rate. Thresholds are configured in terms of packets per second. The valid threshold range is 0-1000000 packets per second.

Unknown Unicast Storm: Enter the Unknown Unicast Storm Threshold for each interface. When the rate of unknown unicast packets exceeds the high threshold configured for an interface, packets are throttled until the rate falls below the configured rate. Thresholds are configured in terms of packets per second. The threshold range is 0-1000000 packets per second.

Allowed MU denies per sec: Configure the permissible number of denied packets per second that a mobile unit on this WLAN may send before it is deauthenticated. The threshold range is 0-1000000 packets per second.

MU Deauthenticate: Configure whether or not mobile unit deauthentication is enabled for each WLAN. If MU Deauthenticate is enabled, any associated mobile unit that hits the thresholds configured for storm traffic is deauthenticated. To enable deauthentication, check the box.

DHCP Trust: Displays whether or not the interface is DHCP trusted. If the interface is DHCP trusted, DHCP requests are forwarded to the external DHCP server; otherwise they are not. Internal DHCP servers are always trusted. A DHCP trusted interface is marked in green, and an interface that is not DHCP trusted is marked with a red "X". To enable DHCP trust, check the box.

ARP Trust: Configure whether or not ARP is trusted by the Layer 2 firewall. If ARP is trusted, ARP traffic is not subjected to Layer 2 firewall rules. To enable ARP trust, check the box.

ARP Rate: Enter the ARP threshold. The ARP threshold determines the number of ARP packets permissible per second. Rates can be between 0 and 1000000
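
The following sketch is an added example, not code from the switch or its vendor: a simplified Python model of how the storm thresholds, Allowed MU denies per sec and MU Deauthenticate settings described above interact, replayed over constructed traffic. It assumes fixed one-second windows, that throttled packets are dropped, and that a mobile unit is deauthenticated once its denied packets in a second exceed the allowed count; all class, function and sample names are hypothetical.

```python
from collections import defaultdict

MAX_PPS = 1_000_000  # top of the valid threshold range given in the guide

class WlanStormPolicy:
    """Simplified model of one WLAN's storm settings; not the switch's code."""
    def __init__(self, broadcast, multicast, unknown_unicast,
                 allowed_mu_denies, mu_deauthenticate):
        self.thresholds = {"broadcast": broadcast, "multicast": multicast,
                           "unknown_unicast": unknown_unicast}
        self.allowed_mu_denies = allowed_mu_denies
        self.mu_deauthenticate = mu_deauthenticate
        # Reject values outside the documented 0-1000000 pps range. The page
        # does not say how the switch treats 0; this model applies it literally.
        for name, pps in {**self.thresholds, "mu_denies": allowed_mu_denies}.items():
            if not isinstance(pps, int) or not 0 <= pps <= MAX_PPS:
                raise ValueError(f"{name}: {pps!r} is outside 0-{MAX_PPS} pps")

    def replay(self, packets):
        """packets: (timestamp_s, mu_mac, traffic_class) tuples.
        Returns (forwarded, denied, set of deauthenticated MUs)."""
        rate = defaultdict(int)    # (second, class) -> packets seen
        denies = defaultdict(int)  # (second, mu) -> packets denied
        forwarded, denied, deauthed = 0, 0, set()
        for ts, mu, cls in sorted(packets):
            if mu in deauthed:
                continue           # MU is no longer associated in this model
            second = int(ts)       # assumption: fixed one-second windows
            rate[second, cls] += 1
            if rate[second, cls] <= self.thresholds[cls]:
                forwarded += 1
                continue
            denied += 1            # assumption: "throttled" means dropped
            denies[second, mu] += 1
            if self.mu_deauthenticate and denies[second, mu] > self.allowed_mu_denies:
                deauthed.add(mu)
        return forwarded, denied, deauthed

# Constructed sample traffic: MU A floods broadcasts, MU B behaves normally.
MU_A, MU_B = "00:00:5E:00:53:0A", "00:00:5E:00:53:0B"
SAMPLE = [(i / 100, MU_A, "broadcast") for i in range(10)] + [
    (0.50, MU_B, "broadcast"), (0.60, MU_B, "multicast"),
    (1.00, MU_A, "broadcast"), (1.10, MU_B, "broadcast")]

if __name__ == "__main__":
    for deauth in (True, False):
        policy = WlanStormPolicy(5, 5, 5, allowed_mu_denies=2, mu_deauthenticate=deauth)
        print(deauth, policy.replay(SAMPLE))
```

In the replay, MU B's broadcast at 0.50 s is denied in both runs because the broadcast threshold is shared by every mobile unit on the interface, which is worth weighing when choosing a low threshold.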