Dell PowerConnect W-IAP92 Dell Instant 6.1.3.4-3.1.0.0 User Guide - Page 225
Dynamic Blacklisting, Authentication Failure Blacklisting, Session Firewall Based Blacklisting
View all Dell PowerConnect W-IAP92 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 225 highlights
4. Click Ok. The Blacklisted Since tab displays the time at which the current blacklisting started for the client. 5. To delete a client from the manual blacklist, select the MAC Address of the client under the Manual Blacklisting window and then click Delete. Dynamic Blacklisting The clients can be blacklisted dynamically when they exceed the authentication failure threshold or a blacklisting rule was triggered as part of the authentication process. Authentication Failure Blacklisting When the time taken by a client fails to authenticate exceeds the configured threshold, the client is automatically blacklisted by an IAP. Session Firewall Based Blacklisting In session firewall based blacklisting, an ACL rule is used to enable the option for automation blacklisting. when the ACL rule is hit, it would send out blacklist information and the client would be blacklisted. To set the blacklist duration: 1. Select the PEF link and then select Blacklisting tab. Auth failure blacklist time- Enter the duration since the blacklisting has been triggered when the authentication failure threshold is exceeded. PEF rule blacklisted time- Enter the duration since the blacklisting has been triggered when a blacklisting rule has been triggered. NOTE: In the Networks tab, click the New link and go to New WLAN > VLAN > Security page to enable Blacklisting. Set a value between 1 to 10 in the max authentication failures field for the selected SSID. To enable session firewall based blacklisting, click New and navigate to WLAN Settings > VLAN > Security > Access window and enable the Blacklist option of the corresponding ACL rule. Figure 204 Dynamic Blacklisting PEF Settings Firewall ALG Configuration Instant firewall now supports the ALG (Application Layer Gateway) functions such as SIP, Vocera, Alcatel NOE, and Cisco Skinny protocols. To enable or disable the protocols for ALG in Dell Instant perform the following steps: 1. Select PEF from the top right of the Instant UI. 2. Select PEF Settings tab. 3. Select Enabled from the corresponding drop-down list to enable SIP, VOCERA, Alcatel NOE, and Cisco skinny protocols. Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide Policy Enforcement Firewall | 225