Environment : This Article applies to all Aruba controllers and coder versions.
Aruba controllers uses stateful firewall. ACLs are applied to roles into which the user falls.A user falls into a role in these situations:
For these users, you can define the access levels in the roles based upon the ACLs. However if a user connects to a wired port that is trusted, you cannot limit his access based upon roles. You must apply the ACLs to the wired interface.ExampleTo allow only a few clients to get web and SSH access to the controller from the trusted wired ports, follow these steps:
Thus to summarize:1. We can put an ACL on any wired port on Aruba controller.2. The port need not be trusted for the ACL to take effect.3. The user will not fall in a role and the traffic will be dropped as defined by ACL.3. If the port is untrusted and there is an ACL applied on the interface, the traffic denied by the ACL will NOT hit the session acl as per defined by the role in "aaa authentication wired".
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.