Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Management remote access control

This thread has been viewed 0 times

  • 1.  Management remote access control

    Posted Dec 02, 2014 02:11 AM

    Hi,

     

    I have two enquiries on my 7030 controller and we just have basic AP license. Please advise.

     

    1. Could we just permit a specifc IP range (to a specific interface) to access the management portal and SSH to controller?

    2. If we configure IP address on vlan 2 and vlan 3, how can we block the routing between these two vlans?

     

    Thanks,

    Samantha



  • 2.  RE: Management remote access control
    Best Answer

    EMPLOYEE
    Posted Dec 02, 2014 06:57 AM

    1.   Yes.  Please see the article here:  http://community.arubanetworks.com/t5/Controller-Based-WLANs/What-is-the-function-of-service-ACL-in-6-3-or-How-do-I-block/ta-p/176402

    and here:  http://community.arubanetworks.com/t5/Controller-Based-WLANs/How-do-we-create-IPv4-and-IPv6-service-ACL-s-and-how-do-we/ta-p/176396

     

    2.  If you are trying to block a user from going from one VLAN to another, you can just attach a firewall policy to the user role that says source- user, destination <that vlan network>, any, block.



  • 3.  RE: Management remote access control

    Posted Dec 03, 2014 03:38 AM

    Hi,

     

    Is it possible to diable rouitng between vlans?

     

    Thanks,

    Samantha



  • 4.  RE: Management remote access control
    Best Answer

    EMPLOYEE
    Posted Dec 03, 2014 04:40 AM

    If you do not expect the client to do anything outside of that VLAN, you can enable "no ip routing":

     

    config t
interface vlan 116
no ip routing