Installation guide
D-114 Motorola RF Switch System Reference Guide
D.8 Wireless Filters
Wireless filters can be applied to specific WLANs to grant or deny access to MUs based on individual or
ranges of MAC addresses. Wireless filters may be applied to one or more WLANs and are used to grant or
deny access to MUs during association.
Wireless filters can be used for multiple applications including blacklisting malicious devices as well as
providing an additional layer of security less secure WLANs by restricting access to specific devices.
Wireless filters may be applied to the RF Switch using the CLI and Web UI or from an Motorola AirDefense
Enterprise server when a threat is detected.
Wireless filters can be used for multiple applications including blacklisting malicious devices as well as
providing an additional layer of security for less secure WLANs by restricting access to specific devices.
Wireless filters can be applied to the RF Switch using the CLI or switch Web UI or from an AirDefense
Enterprise server.
Wireless filters are only used to allow or deny MUs from associating with a WLAN, and are not intended to
filter layer 2 traffic passing through the switch. To restrict or limit traffic at layer 2, MAC firewall rules can
be created to permit or deny traffic based on specific (or wildcard) source or destination MAC addresses.
D.8.1 Configuring a Wireless Filter
The following sections outline the configuration steps required to enable wireless filters on a switch:
• Wireless Filters that Deny
• Wireless Filters that Allow
To view the running configuration on the RFS6000 switch used to create this wireless filter tutorial, refer
to RF Switch Running Configuration on page D-120.
D.8.1.1 Requirements
The following requirements must be met prior to attempting the wireless filter configuration described in this
section:
• One (or more) RF Switches are installed and operational on the network
• One (or more) Access Ports configured and adopted by the RF Switch