Reset Search
 

 

Article

What firewall policy should be used on WiNG devices?

« Go Back

Information

 
TitleWhat firewall policy should be used on WiNG devices?
Question
What firewall policy should be used on WiNG devices?
Environment
  • All Summit WM3000 Series Controllers
  • ExtremeWiNG Controllers
  • WiNG Controllers
  • WiNG Access Points
  • WiNG Acess Points
  • WiNG v5.X Software
Answer
If device is directly connected to the Internet default policy will be the best.
Usually controllers and access points will be behind company firewall and recommended firewall policy is in this case following:

firewall-policy default
 no ip dos smurf
 no ip dos twinge
 no ip dos invalid-protocol
 no ip dos router-advt
 no ip dos router-solicit
 no ip dos option-route
 no ip dos ascend
 no ip dos chargen
 no ip dos fraggle
 no ip dos snork
 no ip dos ftp-bounce
 no ip dos tcp-intercept
 no ip dos broadcast-multicast-icmp
 no ip dos land
 no ip dos tcp-xmas-scan
 no ip dos tcp-null-scan
 no ip dos winnuke
 no ip dos tcp-fin-scan
 no ip dos udp-short-hdr
 no ip dos tcp-post-syn
 no ip dos tcphdrfrag
 no ip dos ip-ttl-zero
 no ip dos ipspoof
 no ip dos tcp-bad-sequence
 no ip dos tcp-sequence-past-window
 no ip-mac conflict
 no ipv6 strict-ext-hdr-check
 no ipv6 unknown-options
 no ipv6 duplicate-options
 no ipv6 option strict-hao-opt-check
 no ipv6 option strict-padding
 no ipv6-mac conflict
 no ipv6-mac routing conflict

 
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255