Extreme Networks

Justme555 · 3 weeks ago

Hi,

I have followed these steps to block an application on an SSID fine..

https://community.extremenetworks.com/t5/aerohive-migrated-content/how-do-i-block-applications-on-a-...

However If I have a computer plugged into the 2nd wired interface of an AP4020 as an 'Access Port', there is a way to configure the firewall for this port in the same way So I can block certain applications?

Thanks

carlo968rojer · 3 weeks ago

Hello,

You must leverage the User Profile as the bridge between your firewall rules and the physical port. In Cloud IQ, application visibility and control are tied to the User Profile rather than the SSID itself; therefore, you should edit the User Profile intended for your wired clients and ensure your existing Application Service rule is applied under the Security tab. Once the profile is ready, navigate to your Device Template for the AP4020, set the ETH1 port to Access Port mode, and assign that specific User Profile as the Default User Profile for the interface. After pushing a configuration update to the AP, the device will perform Layer 7 inspection on all traffic entering the physical port, successfully blocking the specified applications just as it does for wireless clients.

verve card info

Justme555 · 3 weeks ago

Or is there a way to apply a firewall rule to a device? Ie, block a certain application either if its connected wireless or wired?

Nithisha · 3 weeks ago

Hi ,

Regarding blocking applications on the AP’s wired interface: this is not supported.

Application-based filtering can be applied only to client traffic, and only after it has been processed by the forwarding engine. As a result, the traffic will still arrive at the AP before any application-level blocking is enforced.

https://extreme-networks.my.site.com/ExtrArticleDetail?an=000098583

Regards,

Nithisha

Extreme Networks

o Block application on AP Wired Interface

o Block application on AP Wired Interface