Wireless Access

Reply
Occasional Contributor II

What is session-acl under ap system-profiles?

Can someone explain what exactly the session-acl under the ap system-profile config is used for and how it differs from an ACL applied to a specific role?

Re: What is session-acl under ap system-profiles?

The AP System profile session ACL is applied to the uplink interface on a RAP. ACLs applied on a role are applied to clients in that role.
Cheers
James

-------------------------------------------------------
-------------------@whereisjrw-------------------
------------------------blog-------------------------
ACCX #540 | ACMX #353 | ACDX #216
-----------Mobility First Expert #11----------
-------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
Occasional Contributor II

Re: What is session-acl under ap system-profiles?

 

 

Can you provide a use-case where you would want to set this up?

 

Our ap system-profiles have always been set to "allowall" for the session-acl.  Someone inadvertantly removed this and it defaulted to "ap-uplink-acl" which ended up breaking wireless-to-wireless communication on the same VLAN between clients.  Everything else seemed to be functioning normally.

 

Why would removing this ACL cause this behavior?

Re: What is session-acl under ap system-profiles?

What's your controller / AP setup like? Do you use RAPs?

Did someone remove the allowall firewall rule from the controller? That could by why.
Cheers
James

-------------------------------------------------------
-------------------@whereisjrw-------------------
------------------------blog-------------------------
ACCX #540 | ACMX #353 | ACDX #216
-----------Mobility First Expert #11----------
-------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
Occasional Contributor II

Re: What is session-acl under ap system-profiles?

Yes, these were RAPs and removing the allowall did create an issue.  When would we want to use these session-ACLs instead of a role-based ACL?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: