Brocade Mobility RFS7000-GR Controller System Reference Guide (Supporting software release 4.1.0.0-040GR and later) User Manual

Brocade Mobility RFS7000-GR Controller System Reference Guide

519

53-1001944-01

Troubleshooting Firewall configuration issues

B

Disabling of telnet, ftp and web traffic from hosts on the untrusted side does not
work.

1. Check the configuration for the desired LAN under FW context (which is under configure

context).

CLI - configure fw <LAN_Name>

2. Check whether ftp, telnet and web are in the denied list. In this case, web is https traffic and

not http.

3. Ensure that "network policy" and "Ethernet port" set to the LAN is correct.

How to block the request from host on untrusted to host on trusted side based on
packet classification.

1. Add a new Classification Element with required Matching Criteria

2. Add a new Classification Group and assigned the newly created Classification Element. Set the

action required.

3. Add a new Policy Object. This should match the direction of the packet flow i.e. Inbound or

Outbound.

4. Add the newly created PO to the active Network Policy.

5. Associate WLAN and Network Policy to the active Access Port Policy.

Any request matching the configured criteria should take the action configured in the
Classification Element.