Reset Search
 

 

Article

How to create IP address firewall HiveManager classic

« Go Back

Information

 
TitleHow to create IP address firewall HiveManager classic
Symptoms

Goal

  • IP based firewalls can be used to grant or deny access to the network based on the IP address destination or source of an address.

Note

  • The maximum number of firewall rules you can have in one firewall policy is 64.
Environment
  • HiveManager Classic
Cause
Resolution
  • Go to configure

  • Open the Network Policy in use. 

    • If this is a new SSID click Add/Remove under User Profiles
    • If this is an existing SSID click the name of the User Profile currently in use.

User-added image

  • If this is a new user profile click New

User-added image

  • If this is an existing User Profile, Click on the gear icon next to the User Profile name and choose Edit
 
  • Expand the Firewalls section.

User-added image

  • There are some default firewall objects built in already, such as the Guest internet access only firewall object, which will allow users on the SSID using this user profile to only browse the internet and will not have access to internal resources such as printers or servers

 

  • If this is a new firewall object you can create a new firewall rule in the object by clicking on the plus icon at the right hand side of the new window and specify a source IP address, Destination IP address, Service, Action, and logging option. 

User-added image

  • The Source IP address is where the traffic will be coming from.

  • The destination IP address is where the traffic will be going to.

    • You can also specify a service like Facebook or Netflix.
  • The action will be deny or allow

  •  Set what level of logging you want to enable.

 
  • It is possible to set any of these fields to "any" and only specifying one field.

    • For example if you want to deny traffic going to a specific internal server you can leave Source IP and service to any, and set the destination IP address, and select deny for the action.
  • When making a custom firewall policy, it is recommended to include the following rules.

    • Keep in mind, the firewall will apply the rules in top down order.

      • A rule for the network service "DHCP-Server" at the very top with the action set to permit

      • Arule for the network service "DNS" bellow the DHCP rule with the action set to permit

      • A rule for the network service "any", source and destination "any", at the very bottom of the firewall rules with the action set to permit.

        • These rules will allow a client to get a DHCP address, DNS, navigate to the internet, and the any resources within the subnet the client is on. 

User-added image

  • Save the firewall rules

  • Save the change in the user profile

  • Push a configuration update out for the changes to take affect. 

Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255