
Configuring the SCALANCE IWLAN Controller
Configuring the SCALANCE IWLAN Controller for the First Time
SCALANCE WLC711
User Guide, V8.11, 07/2012, C79000-G8976-C260-03 2-27
If management traffic is explicitly enabled for any interface, access is implicitly extended to that
interface through any of the other interfaces (VNS). Only traffic specifically allowed by the
interface’s exception filter is allowed to reach the SCALANCE IWLAN Controller itself. All other
traffic is dropped. Exception filters are dynamically configured and regenerated whenever the
system's interface topology changes (for example, a change of IP address for any interface).
Enabling management traffic on an interface adds additional rules to the exception filter, which
opens up the well-known IP(TCP/UDP) ports, corresponding to the HTTPS, SSH, and SNMP
applications.
The interface-based built-in exception filtering rules, in the case of traffic from wireless users, are
applicable to traffic targeted directly for the topology L3 interface. For example, a filter specified
by a Policy may be generic enough to allow traffic access to the SCALANCE IWLAN Controller's
management (for example, Allow All [*.*.*.*]). Exception filter rules are evaluated after the user's
assigned filter policy, as such, it is possible that the policy allows the access to management
functions that the exception filter denies. These packets are dropped.
To Enable SSH, HTTPS, or SNMP Access Through a Physical Data Interface:
1. From the top menu, click Wireless Controller. The Wireless Controller Configuration screen
is displayed.
2. In the left pane, click Topologies. The Topologies tab is displayed.
3. On the Topologies tab, click the appropriate data port topology. The Edit Topology window
displays.
4. Select the Management Traffic checkbox if the topology has specified an L3 IP interface
presence.
5. To save your changes, click Save.
Kommentare zu diesen Handbüchern