
To which interfaces (radio or wired) are the user based ip filter options "inbound/outbound" associated (AP 230)?

andreas_brueck
New Contributor

Dear all,

 

we are using the HiveManager NG (build version 12.8.1.2-NGVAMAY18) to configure the user based ip filters. As access points we are using the AP230 (HiveOS 8.3r4 Mayberry build-195604).

 

I do not really understand to which interfaces the user based ip filter options "inbound/outbound" are linked.

 

For example: If a packet/frame arrives on the wireless interface (Client --> AP230), will the inbound ACL be executed? Or will the inbound ACL be executed when a packet/frame comes from the wired interface (access switch --> AP 230)?

 

And what about the outbound ACLs? To make it more understandable, please take a look at the two following figures:

 

[Figure: Difference Inbound-Outbound]

 

I am happy if someone can explain it to me 🙂

 

Regards,

Andreas

1 ACCEPTED SOLUTION

ashley_finch
Contributor III

Hi Andreas,

 

Looking at your rule name, I'd guess you're trying to block Netflix; therefore you'd keep this as an outbound rule, i.e. if the client tries to access Netflix, the AP would usually forward this traffic out to the internet (an outbound rule (Client -> AP)). Thus an inbound rule would be the opposite of this (AP -> Client).


3 REPLIES 3

ashley_finch
Contributor III

Hi Andreas,

 

I believe that would be correct for blocking just wireless clients, but you may need it outbound also if there are other devices on the network (from my understanding!). Depending on what traffic you need between different clients you may be able to disable inter-station traffic from within the Policy optional settings.

andreas_brueck
New Contributor

Hey Ashley,

 

thank you very much for the explanation.

 

Could you also answer me the following question please:

 

If I define a rule, for example to block mDNS between wireless clients which are connected to the same access point, is an inbound rule the right choice?
