Advanced, Tcp/udp port, Adding tcp/udp port filters – Proxim AP-4000 User Manual

Advanced Configuration

AP-4000 Series User Guide

Filtering

83

• Wired MAC Address: 01:00:5E:00:32:4B
• Wired Mask: FF:FF:FF:FF:FF:FF
• Wireless MAC Address: 00:00:00:00:00:00
• Wireless Mask: 00:00:00:00:00:00

Result: The Access Point does not forward any packets that have a destination address of 01:00:5E:00:32:4B to the
wireless network.

Advanced

You can configure the following advanced filtering options:

• Enable Proxy ARP: Place a check mark in the box provided to allow the Access Point to respond to Address

Resolution Protocol (ARP) requests for wireless clients. When enabled, the AP answers ARP requests for wireless
stations without actually forwarding them to the wireless network. If disabled, the Access Point will bridge ARP
requests for wireless clients to the wireless LAN.

• Enable IP/ARP Filtering: Place a check mark in the box provided to allow IP/ARP filtering based on the IP/ARP

Filtering Address and IP Mask. Leave the box unchecked to prevent filtering. If enabled, you should also configure the
IP/ARP Filtering Address and IP/ARP IP Mask.
–

IP/ARP Filtering Address: Enter the Network filtering IP Address.

–

IP/ARP IP Mask: Enter the Network Mask IP Address.

The following protocols are listed in the Advanced Filter Table:

• Deny IPX RIP
• Deny IPX SAP
• Deny IPX LSP
• Deny IP Broadcasts
• Deny IP Multicasts

The AP can filter these protocols in the wireless-to-Ethernet direction, the Ethernet-to-wireless direction, or in both
directions. Click Edit and use the Status field to Enable or Disable the filter.

TCP/UDP Port

Port-based filtering enables you to control wireless user access to network services by selectively blocking TCP/UDP
protocols through the AP. A user specifies a Protocol Name, Port Number, Port Type (TCP, UDP, or TCP/UDP), and
filtering interfaces (Wireless only, Ethernet only, all interfaces, or no interfaces) in order to block access to services, such
as Telnet and FTP, and traffic, such as NETBIOS and HTTP.

For example, an AP with the following configuration would discard frames received on its Ethernet interface with a UDP
destination port number of 137, effectively blocking NETBIOS Name Service packets.

Adding TCP/UDP Port Filters

1. Place a check mark in the box labeled Enable TCP/UDP Port Filtering.
2. Click Add under the TCP/UDP Port Filter Table heading.
3. In the TCP/UDP Port Filter Table

,

enter the Protocol Names to filter.

Protocol Type

(TCP/UDP)

Destination Port

Number

Protocol Name

Interface

Status (Enable/Disable)

UDP

137

NETBIOS Name
Service

Ethernet

Enable