Controller-less WLANs

What is domain-name based ACL and how to configure on Instant AP?

by on ‎07-08-2014 01:52 PM

Introduction : Domain-based ACL is similar regular ACL's but the destination is mentioned as domain name instead of destination IP address. Access to specific domains is allowed or denied based on the ACL rule definition.

Feature Notes :

 

Starting from InstantOS 6.3.1.1-4.0, Instant supports configuration of domain-based Access Control List (ACL) rule.

 

Environment : This article applies to Aruba Instant Access Points running InstantOS version.

 

Configuration Steps :

 

Following images show the configuration of domain-based ACL on Instant AP web interface:
 
  1. Login to web interface of Instant AP
  2. Click "New" to create a new SSID or select the network and click "Edit"
  3. Navigate to the "Access" section.
     
NOTE: By default, a role with the SSID name is automatically created. For example, in the below image the SSID name is "Employee-Wireless' and role by the same name is created.
 
  • Select the role and click on "New" for the Access Rules


User-added image

Below, in the image the clients are not allowed to access youtube. Any packet reaching to the domain "youtube" will be denied access.



User-added image



User-added image

 

Verification :

 

Verification of the configuration can be done from GUI or CLI. Following image shows the command line screen shot:


User-added image


 

 

Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.