What is 128 ACL suppport in IAP 4.1

Aruba Employee

Question: What is 128 ACL suppport in IAP 4.1

 

 

Starting with IAP release 4.1 – number of ACE entries supported in an ACL has been increased to 128 and Internally this has been achieved by optimizing ACL organization within Instant AP.

  1. Each access rule used to be expanded to 4 rules internally, now this has been reduced to just 2 ACLs
  2. Data structure optimization (Total number of ACL rules with all roles added up is still the same)


Configuration                           

  • UI -  Navigate to Security >> Roles , the existing Roles Tab will allow 128 ACE entries now. (The WLAN wizard and Wired Profile will allow up to 128 ACE entries now)
  • From CLI , wlan access-rule and inbound firewall will allow up to 128 ACE entries


wlan access-rule Guest_SSID
rule <dest><mask><match/invert>{app<app>{permit|deny}|appcategory<appgrp>}[<option1....option9

Debugging

  • show datapath acl-rule <name> displays the access rules within an ACL.


As a conclusion from 4.1 ACE entries supported in an ACL has optimized upto 128.

Version history
Revision #:
1 of 1
Last update:
‎08-14-2014 12:14 PM
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.