02-27-2013 01:10 PM
I would like to provision a guest network via our 800 mobility controller to 20 remote access points over 5 sites.
I would like the following to occur:
1) Guest network should only be available 7am to 7pm Monday to Friday and 7am to 2pm Saturday
2) Guests should only have access to the internet - nothing else.
3) At the moment, i only want to use the internal database account system. However, I have an entry in there for our remote access points. I don't want this account to be potentially used for authenticating. Can this be isolated?
We have the PEF licence.
I want to achieve this using 'best practice' from the experts at Airheads so any pointers or help from you guys would be helpful.
Many thanks in advance.
02-27-2013 10:01 PM - edited 02-27-2013 10:04 PM
1.Build a time range profile and add it to the access role u giving to your guests/ssid
You could use the 'time range' function found under access control to set up periods of the day/week where access is not permitted.
You then apply the time ranges to the policies under the role(s) you would like to have control over.
Alternatively you can place a 'deny time range' on an entire SSID. So that would, as an example, block guests from connecting after hours, or on weekends easily.
2.use the default guest role after captive login (fit it or duplicate it to your needs,it's allowing only basic net services and http/HTTPS)
3.You can build a role in the guest-logon - that will blacklist/or drop - an AP-role users/AP connectivity via the captive portal.
All your answers are in this guide:
have a lovely day.
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************