Applying a firewall rule to a wireless access point (or switch)

Question

On my network, I have different &ldquo;MAC host&rdquo; defined for my various devices which I associate with firewall rules. I use UniFi managed switches and Apple Airport wireless access points on my network which also have a &ldquo;MAC host&rdquo; defined for them and are associated with a firewall rule. 
 My question is, let&rsquo;s say I have a computer associated with firewall rule #1 and a wireless AP associated with firewall rule #2. This computer is connected to the network via the wireless AP. In this situation, are both firewall rule #1 and #2 settings/policies being applied to traffic going to/from the computer since it&rsquo;s connected to the wireless AP? In other words, is all of that traffic essentially being scanned twice (assuming I have malware and content scanning enabled on both rules)?

Vishal_R · Accepted Answer

Hi shred : Yes correct the rule for Apple Wiresless AP in this case will be for that device generated traffic it self. For rest of the traffic coming from machines/devices behind that Wireless AP, XG will check rules from top to bottom as XG is acting as in gateway for them and based on matching condition it will pass the traffic via matching rule and based on that matching rule policy and scanning action will be applicable.

Applying a firewall rule to a wireless access point (or switch)

Top Replies