Controller Based WLANs

How do bridge or split-tunnel users access rapconsole.arubanetworks.com after an RAP is running?

Aruba Employee

Product and Software: This article applies to RAP2 or RAP5 and ArubaOS 5.0 and later.

After an RAP is up running, the RAP console URL "rapconsole.arubanetworks.com" is not accessible by bridge and split-tunnel users. This URL is not accessible by these users, by default, for security reasons.

However, if the URL must be accessible even after the RAP is running, make the following configuration changes:

For a bridge user, the user role needs to be:
any any any permit
or
user any any route src-nat (at the end)
or specifically, put as the first ACL:
user localip svc-http permit


For a split-tunnel user, the user role needs to be:
user any any route src-nat (at the end)
or
user localip svc-http route src-nat (at the top)


Likewise, to block user access to rapconsole.arubanetworks.com from bridge or split-tunnel users:

user localip svc-http deny(at the top)

Version history
Revision #:
1 of 1
Last update:
‎07-03-2014 10:54 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.