Wireless Access

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.

Does ACL white lists block traffic through the controller or only to the controller

  • 1.  Does ACL white lists block traffic through the controller or only to the controller

    Posted Apr 22, 2016 11:10 AM

    Hi,

    I am reading the manual time after time, but cannot understand if the ACL white list will block/rate limit only traffic to the controller or also through the controller. It seems to be a feature that does not require PEFNG, but applies to all traffic hitting the controller.

     

    Maybe my brain has to be improved :-)

     



  • 2.  RE: Does ACL white lists block traffic through the controller or only to the controller

    EMPLOYEE
    Posted Apr 22, 2016 11:25 AM

    It depends where ACLs are applied.

     

    In general:

    ACLs applied to a ROLE only affect users in that role.

    ACLs applied to a physical interface affect all traffic going through that interface.

     

     



  • 3.  RE: Does ACL white lists block traffic through the controller or only to the controller

    Posted Apr 22, 2016 11:34 AM

    Hmm,

    This type of ACL does not have a name or number so how do I apply it to a role or interface?

    I have seen that I can apply a bandwidth contract to a role (with PEFNG a.f.a.i.k.), but not the white list. Can you refer to a manual page where this is done?

     

    (config-fw-cp) #ipv4 permit 10.10.10.10 2.2.2.2 proto ftp bandwidth-contract name mycontract

     

    Thanks!



  • 4.  RE: Does ACL white lists block traffic through the controller or only to the controller

    Posted Apr 22, 2016 11:36 AM

    And my question still remains.

    All traffic through the controller or only to the controller?



  • 5.  RE: Does ACL white lists block traffic through the controller or only to the controller

    EMPLOYEE
    Posted Apr 22, 2016 11:45 AM

    The specific command in your example is traffic to and from the management plane (control plane) of the controller.  The equivalent in the real world is called a service acl.  It has no effect on the users on a controller, but mainly devices that would communicate with a controller, like access points, management users who would SSH and WEB into the controller to configure it, etc.

     

    Information on that specific command is here:  http://www.arubanetworks.com/techdocs/ArubaOS_6.4.4.x_WebHelp/Web_Help_Index.htm#ArubaFrameStyles/1CommandList/firewall_cp.htm