Users Guide

ManualsBrandsDell ManualsAccess PlatformsW-Airwave

141

142

143

144

145

146

147

148

149

150

142 | Configuration Reference Dell PowerConnect W-AirWave 7.4 | Configuration Guide

Select Add to complete the configuration of the Policies profile, or click Save to complete the editing of an

existing profile. The new policy appears on the Security > Policies page.

Service Type any Type of traffic, which can be one of the following:

 any: This option specifies that this rule applies to any type of traffic.

 tcp: Using this option, configure a range of TCP port(s) to match for the rule to

be applied.

 udp: Using this option, configure a range of UDP port(s) to match for the rule

to be applied.

 service: Selecting this option creates a new field called Service underneath

Service Type with a drop-down list of pre-defined services (common

protocols such as HTTPS, HTTP, and others) as the protocol to match for the

rule to be applied. Select the pencil icon to edit the Netservice Profile (refer to

“Security > Policies > Services” on page 143), or the plus sign to create a

new Netservice profile.

 protocol: Using this option, specify a different layer 4 protocol (other than

TCP/UDP) by configuring the IP protocol value.

 icmpv6: Use this option to configure ICMPv6. Requires IPv6 enabled.

Action permit Action if rule is applied, which can be one of the following:

reject: deny packets. A new field will appear where you can Send Deny Response

dst-nat: perform destination NAT on packets. New fields appear to specify the

Dual NAT Pool and Dual NAT Port.

dual-nat: perform both source and destination NAT on packets

permit: forward packets

redirect: specify the location to which packets are redirected, which can be one

of the following:

 Datapath Destination ID (0-65535)

 ESI Server Group: specify the ESI server group configured with the esi group

command.

 Tunnel: specify the ID of the tunnel configured with the interface tunnel

command

src-nat: perform source NAT on packets

ICMPv6 Message Type Choose from the informational or error message types. This field appears if IPv6 is

enabled and ICMPv6 is selected in the Service Type field.

Log if ACL is applied No Whether to generate a log message when the rule is applied.

Mirror all session packets No Whether to mirror all session packets to datapath or remote destination.

Queue Priority low Assigns a matching flow to a priority queue (high/low).

Time Range None Define a time range for this rule.

Pause ARM Scanning No Whether to pause Adaptive Radio Management scan activity when traffic is

present. Note that the Scanning setting in the ARM profile should be activated in

order to be paused. Refer to “Profiles > RF > 802.11a/g Radio > ARM Profile

Settings” on page 114 for this setting.

Blacklist user if ACL is

applied

No Whether to blacklist any user.

TOS Value None Value of type of service (TOS) bits to be marked in the IP header of a packet

matching this rule when it leaves the controller.

802.1p Priority None Specify 802.1p priority (0-7).

Table 69 Security > Policies > Add New Policy Fields and Descriptions (Continued)

Field Default Description