Westermo RM-80 User Manual

Page 30

Advertising
background image

30

6193-4201

The Filter comprises of two lists: one of MAC Addresses and another listing IP protocol
details. Each list may be set as either a blacklist (to block traffic for listed devices and
protocols), or as a whitelist (to allow traffic for listed devices and protocols). The Filter
operates on two rules listed below.

1. A Blacklist has priority over a whitelist. Traffic matching detail in a blacklist will be dis-

carded if it also appears in a whitelist.

2. When one or both lists are whitelists, traffic must have matching detail in at least one

of the whitelists for it to be passed. Note that, as this must agree with rule 1 above,
the traffic detail must not match anything in a blacklist, if present, for it to be passed.

When configuring a Whitelist it is important to add the Addresses of all devices connect-
ed to the RM-80 wired Ethernet port, that communicate over the wireless link. It is par-
ticularly important to add the Address of the configuration PC to the Whitelist. Failure
to add this address will prevent the configuration PC from making any further changes
to configuration. Design of the filter may be simplified by monitoring network traffic and
forming a profile of traffic on the wired network. Network Analysis software, such as the
freely available Ethereal program, will list broadcast traffic sent on the network.

For example, Computer B
sees the computer D via
Ethernet Modems C & E. The
White Filtering requires that
at Modem C has computer B
in its white list, Modem E has
computer D in its Whitelist.
Computer A will be not be
able to access Computer D, as
Computer A is not present in the Whitelist in Modem C.

It is advisable to use the Apply Changes button to test the configuration entered. Once
the configuration is determined to be correct, the Apply Changes and Save button should
be used. In the event that the configuration is incorrect, a power reset will revert the unit
to previously saved configuration.

If an erroneous configuration has prevented all access to the module, SETUP
mode may be used analyze what is wrong with the configuration. Simply switch
the dipswitch to SETUP and cycle power. The RM-80 will retain its configuration, however
will load up at IP address 192.168.0.1XX, netmask 255.255.255.0 with the radio and filter
disabled. The XX in the IP address is the last two digits of the serial number. Configuration
webpages will still show the original configuration. No changes are made to configuration
until the user saves changes. To resume normal operation, set the dipswitch to RUN and
cycle power.

6XXZhhEd^ci
7g^Y\Z

A6C

8a^Zci

7g^Y\Z

&.'#&+-#%#,'

&.'#&+-#%#()

6

7

8

9

:

&.'#&+-#%#,'

Advertising
Popular Brands
Popular manuals