User's Manual
Virtual Network configuration
hwc_vnsconfiguration.fm
Configuring filtering rules for a VNS
A31003-W1050-U100-2-7619
, March 2008
200 HiPath Wireless Controller, Access Points and Convergence Software V5 R1 , C20/C2400 User Guide
• Select the Allow checkbox applicable to the rule you defined.
9. To edit the order of filters, click the filter, and then click the Up and Down
buttons. The filtering rules are executed in the order you define here.
10. To save your changes, click Save.
Note: Administrators must ensure that the non-authenticated filter allows
access to the corresponding authentication server:
• Internal Captive Portal – IP address of the VNS interface
• External Captive Portal – IP address of external Captive Portal server
6.9.2.1 Non-authenticated filter examples
A basic non-authenticated filter for internal Captive Portal should have three
rules, in the following order:
Note: For external Captive Portal, an additional rule to Allow (in/out) access to
the external Captive Portal authentication/Web server is required.
If you place URLs in the header and footer of the Captive Portal page, you must
explicitly allow access to any URLs mentioned in the authentication's server
page, such as:
• Internal Captive Portal – URLs referenced in a header or footer
• External Captive Portal – URLs mentioned in the page definition
Here is another example of a non-authenticated filter that adds two more filtering
rules. The two additional rules do the following:
• Deny access to a specific IP address.
• Allows only HTTP traffic.
In Out Allow IP / Port Description
x x x IP address of default
gateway (VNS Interface
IP)
Allow all incoming wireless devices
access to the default gateway of the VNS.
x x x IP address of the DNS
Server
Allow all incoming wireless devices
access to the DNS server of the VNS.
x x *.*.*.* Deny everything else.
Table 15 Non-authenticated filter example A