hi am trying to block 7010 WLC admin portal access (port: 4343) from Guest network but its not happening.
we created a policy (block-internal-access) (source: user, Destination: controller IP, Service: tcp 4343, action: deny) and added to Post Logon Role (Auth-Guest Role) and mapped Auth-Guest Role to Captive Portal.
captive portla add on initial Role (Guest-Logon), Guest-Logon role add on AAA (dot1x-PSK) and finally mapped to Virtual AP.
but guest users still able to access WLC admin portal login page.
2. Auth-Guest Role
Are you sure that is the role that your users are in?
yes, it could be.
we have created a local user (as a guest) and role is assigned to Guest SSID. how can we confirm this.
also could you please help me to clarify on thing Firewall /Auth-Guest Role is assigned to Guest SSID(ex: AWNICA-GUEST), so once we assign any firewall /access-list to this SSID /AAA policy all connected user (user who is connected to this SSID) have the configured restriction, am i correct.
You have to type "show user" on the commandline or look at the user table on the monitoring page to find out what the current role of the user is.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.