Wireless Networks Thread, Blocking ports on Meru Wireless - HOW? in Technical; Hello All,
I am trying to block the use of iMessage and Facetime on iPads on our wireless network. I ...
24th January 2013, 01:45 PM #1
Blocking ports on Meru Wireless - HOW?
I am trying to block the use of iMessage and Facetime on iPads on our wireless network. I know the ports I need to block, but can anyone shed light on how I might program this into a meru wireless system, or into the settings for a Vlan on an HP managed switch? I am not the most experienced person when dealing with these types of systems, so an 'idiots guide' would be helpful!
24th January 2013, 01:54 PM #2
It would be better to do it on the firewall by VLAN.
24th January 2013, 02:15 PM #3
Configuration > QOS > System Settings > QOS and Firewall Rules.
Thanks to twin--turbo from:
maniac (24th January 2013)
24th January 2013, 02:18 PM #4
If there system is configured so that the client user/machines are on a vlan that can be controlled by the FW.
Originally Posted by CyberNerd
It can be done on Meru Firewall, and on the HP usigng ACL's on the vlan.
24th January 2013, 02:27 PM #5
I've been told by our broadband support that iDevices using iMessage and Facetime between each other internally don't go anywhere outside the network, the communication is directly between the devices, hence the need to block this internally and not on the firewall. Our firewall is not aware of our internal VLANS anyway, but we do have a good setup with seperate VLANS for various aspects of the system all on managed switches.
Originally Posted by CyberNerd
Cheers twin--turbo I will have a look at those settings on the Meru controller, that should be a good enough pointer to get me going.
24th January 2013, 03:33 PM #6
You may need to block all inter-client traffic on the wireless to prevent clients talking to each other. This is not too hard with Meru's firewall.
24th January 2013, 03:46 PM #7
Any ideas how? I'm not overly familiar with the Meru configuration, it was setup for us and I've only made minor changes to it since. I could get the company who set it up to come in and do this, but obviously they'll charge us so I thought I'd have a look myself first, afterall how hard could it be. More tricky than I thought as I don't really understand the way the firewall settings work on the Meru box.
Originally Posted by twin--turbo
24th January 2013, 04:09 PM #8
Well to block P2P traffic
have a rule
Src IP (IP of wifi network )
mask ( Mask of wifi Network )
Dest IP (IP of wifi network)
mask (Mask of wif Network)
Set it to match on Src and Dest IP
You will need a rule befor that with the destination as your default route for that vlan to pass. ( so that traffic can get to the rest of the network )
And then some further rules to block and other ports you don't want to go through the router.
25th January 2013, 11:00 AM #9
Happy to help out directly if you need it, firstname.lastname@example.org and email@example.com
It's something a lot of schools are looking to do and its a regular question
25th January 2013, 11:20 AM #10
Originally Posted by mhowell
And that's how we know how it's done thanks to Mark & Paul.
Better to stop the traffic sooner rather than later in teh chain if possible
By midobashir in forum Enterprise Software
Last Post: 14th May 2012, 10:49 AM
By mons in forum How do you do....it?
Last Post: 30th November 2011, 09:18 AM
By nicholab in forum Thin Client and Virtual Machines
Last Post: 10th October 2009, 04:41 PM
By timbo343 in forum Windows
Last Post: 22nd March 2006, 12:38 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)