We are using Policy Manager with an Extreme wireless controller happily; however, I have a scenario that I am unable to deal with:

- Rule action is contain to VLAN.
- We allow specific IP sockets from PM.
- We deny all private IP ranges, so that users gain internet access but no access to local resources.

This is working fine. The trouble came when we were asked to allow ICMP to specific IPs: when we allow the protocol ICMP, it is ordered below the deny statements in the wireless controller (so it does not take effect), and I also did not find a way to limit ICMP to a specific destination IP address.

Any suggestions?

ICMP being a different ethertype, the IP rules do not apply here. I would suggest allowing or not allowing it at all for a specific role.