Security, WIDS/WIPS and Aruba ECS

Reply
Occasional Contributor II
Posts: 17
Registered: ‎06-06-2010

Isolating Guest Vlans

Hi All,

I need to deny all intranet traffic and only allow webbrowsing for the guest Wlan .How can i achieve this ??

I dont have a PEF liscence

The OS is 5.2 3600 controllers

Thanks in advance
Aruba Employee
Posts: 664
Registered: ‎04-15-2009

Re: Isolating Guest Vlans

Without the PEF license, you can't create new user roles. Since you can't create new user roles, you can't control guest traffic utilizing only the controller. You would have to put the guests in a VLAN that had an ACL on the upstream router/firewall to control traffic.

Your best option would be to purchase the PEF-NG license for the number of APs you own and create a role for guests the only allowed DHCP, DNS and HTTP (and possibly HTTPS if you want to allow it).
Occasional Contributor II
Posts: 17
Registered: ‎06-06-2010

Re: Isolating Guest Vlans

HI

Is there a way i can place an acl in the aruba controller itself without having PEF firewall liscence ?
Guru Elite
Posts: 21,515
Registered: ‎03-29-2007

Re: Isolating Guest Vlans

No. It is the firewall license that allows you to create ACLs...


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: