Product and Software: This article applies to RAP2 or RAP5 and ArubaOS 5.0 and later.After an RAP is up running, the RAP console URL "rapconsole.arubanetworks.com" is not accessible by bridge and split-tunnel users. This URL is not accessible by these users, by default, for security reasons.However, if the URL must be accessible even after the RAP is running, make the following configuration changes:For a bridge user, the user role needs to be:any any any permitoruser any any route src-nat (at the end)or specifically, put as the first ACL:user localip svc-http permit
For a split-tunnel user, the user role needs to be:user any any route src-nat (at the end)oruser localip svc-http route src-nat (at the top)
Likewise, to block user access to rapconsole.arubanetworks.com from bridge or split-tunnel users:
user localip svc-http deny(at the top)
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.