Controllerless Networks

Contributor II

Console Access Permissions for the IAP



I have an IAP-215 configured as a standalone AP.


I know that the console access can be completely disabled so that CLI access is disabled.


However, is there any way to disable this selectively?  For example, I don't want a wireless client device to be able to use a tool like putty to access the CLI or even allow a wireless to be able to access the WebUI.  The goal here is to only allow CLI/console/WebUI access via either the physcial console or ethernet port.


Is there any way to do this?  Would user roles or access rules or similar settings for the WLAN configuration be able to handle this?




Re: Console Access Permissions for the IAP

You can take the approach with access rules for the wireless users (roles) you want to prevent access to ssh (port 22/tcp) and the WebUI (port 4343/tcp)


Another option is the Management access configuration (Security -> Inbound Firewall) to set the IP subnets from which you want to allow management (and management traffic from other source IPs is then denied).

If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).
Search Airheads
Showing results for 
Search instead for 
Did you mean: