Wireless Access

Reply
Occasional Contributor I

What are the different between Walled Garden and ACL?

Hi all bros,

 

I'm examined Walled Garden & ACLs to find out how to co-ordinate these two configuration tools with external Captive Portal. But very confused how these two configs affects my user experience.

 

I'm confused when reading the definiton of Walled Garden and ACL.

Walled Garden: control user's access to web or service

ACL: permit or denied data packet through IAP

 

I need your help to clarify the different between the usage of Walled Garden and ACL. When to use which one?

  • Could you explain each phases that are applied when a client associates to WIFI and gains access to internet?
  • Which phases involved the configuration of Walled Garden or ACL rule?
  • What's happened if I whtilelist a service in Walled Garden but denied it in ACL rule?

Thank in advanced!

 

Guru Elite

Re: What are the different between Walled Garden and ACL?

Use ACL/firewall rules to whitelist services.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor I

Re: What are the different between Walled Garden and ACL?


cappalli wrote:

Use ACL/firewall rules to whitelist services.


Thanks for your answer.

 

  • Could you explain each phases that are applied when a client associates to WIFI and gains access to internet?
  • Which phases involved the configuration of Walled Garden or ACL rule?
  • What's happened if I whtilelist a service in Walled Garden but denied it in ACL rule?
Guru Elite

Re: What are the different between Walled Garden and ACL?

Not sure. I never use walled garden and only use ACLs/firewall policies.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor I

Re: What are the different between Walled Garden and ACL?


cappalli wrote:

Not sure. I never use walled garden and only use ACLs/firewall policies.


Thank you.

I'm examined walled garden & ACLs to find out how to co-ordinate these two configuration tools with external Captive Portal. But very confused how these two configs affects my user experience.

Guru Elite

Re: What are the different between Walled Garden and ACL?

I would just use the ACLs/firewall policies and not use walled garden at all.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480

Re: What are the different between Walled Garden and ACL?

Walled Garden is a method to 'punch holes' in your captive portal, and is based on DNS names. You typically use this to allow your corporate website, or allow traffic from your mobile app through the captive portal without users need to login. The analogy of a walled garden is that you can access everything within the wall, but nothing outside.

 

Session based ACLs are stateful firewall rules that are on the destination IP/port/domain/application. These ACLs are bound to roles, and are typically used for the access after authentication.

 

With recent Aruba Instant firmware, you can apply a 'pre-authentication role' for captive portal, which provides you similar functionality as the walled garden in ACL format. So you probably can use either way, where ACLs seem to provide the most flexibility, and Walled Garden is probably easier to configure.

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: