Wireless Access

Reply
Occasional Contributor II
Posts: 13
Registered: ‎07-31-2013

Does ACL white lists block traffic through the controller or only to the controller

Hi,

I am reading the manual time after time, but cannot understand if the ACL white list will block/rate limit only traffic to the controller or also through the controller. It seems to be a feature that do not require PEFNG, but apply to all traffic hitting the controller.

 

Maybe my brain has to be improved :-)

 

Guru Elite
Posts: 21,029
Registered: ‎03-29-2007

Re: Does ACL white lists block traffic through the controller or only to the controller

It depends where ACLs are applied.

 

In general:

ACLs applied to a ROLE only affect users in that role.

ACLs applied to a physical interface affect all traffic going through that interface.

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 13
Registered: ‎07-31-2013

Re: Does ACL white lists block traffic through the controller or only to the controller

Hmm,

This type of ACL does not have a name or number so how do I apply it to a role or interface?

I have seen that I can apply a bandwisth contract to a role (with PEFNG a.f.a.i.k.), but not the white list. Can you refer to a manual page where this is done?

 

(config-fw-cp) #ipv4 permit 10.10.10.10 2.2.2.2 proto ftp bandwidth-contract name mycon
tract

 

Thanks!

Occasional Contributor II
Posts: 13
Registered: ‎07-31-2013

Re: Does ACL white lists block traffic through the controller or only to the controller

and my question still remains. 

All traffic thrrough the controller or only to the controller?

Guru Elite
Posts: 21,029
Registered: ‎03-29-2007

Re: Does ACL white lists block traffic through the controller or only to the controller

The specific command in your example is traffic to and from the management plane (control plane) of the controller.  The equivalent in the real world is called a service acl.  It has no effect on the users on a controller, but mainly devices that would communicate with a controller, like access points, management users who would SSH and WEB into the controller to configure it, etc.

 

Information on that specific command is here:  http://www.arubanetworks.com/techdocs/ArubaOS_6.4.4.x_WebHelp/Web_Help_Index.htm#ArubaFrameStyles/1CommandList/firewall_cp.htm



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: