Wireless Access

Reply
Contributor I
Posts: 31
Registered: ‎12-01-2014

Management remote access control

Hi,

 

I have two enquiries on my 7030 controller and we just have basic AP license. Please advise.

 

1. Could we just permit a specifc IP range (to a specific interface) to access the management portal and SSH to controller?

2. If we configure IP address on vlan 2 and vlan 3, how can we block the routing between these two vlans?

 

Thanks,

Samantha

Guru Elite
Posts: 20,764
Registered: ‎03-29-2007

Re: Management remote access control

1.   Yes.  Please see the article here:  http://community.arubanetworks.com/t5/Controller-Based-WLANs/What-is-the-function-of-service-ACL-in-6-3-or-How-do-I-block/ta-p/176402

and here:  http://community.arubanetworks.com/t5/Controller-Based-WLANs/How-do-we-create-IPv4-and-IPv6-service-ACL-s-and-how-do-we/ta-p/176396

 

2.  If you are trying to block a user from going from one VLAN to another, you can just attach a firewall policy to the user role that says source- user, destination <that vlan network>, any, block.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I
Posts: 31
Registered: ‎12-01-2014

Re: Management remote access control

Hi,

 

Is it possible to diable rouitng between vlans?

 

Thanks,

Samantha

Guru Elite
Posts: 20,764
Registered: ‎03-29-2007

Re: Management remote access control

If you do not expect the client to do anything outside of that VLAN, you can enable "no ip routing":

 

config t
interface vlan 116
no ip routing

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: