What is domain-name based ACL and how to configure on Instant AP?

Aruba Employee
Aruba Employee

Introduction : Domain-based ACL is similar regular ACL's but the destination is mentioned as domain name instead of destination IP address. Access to specific domains is allowed or denied based on the ACL rule definition.

Feature Notes :


Starting from InstantOS, Instant supports configuration of domain-based Access Control List (ACL) rule.


Environment : This article applies to Aruba Instant Access Points running InstantOS version.


Configuration Steps :


Following images show the configuration of domain-based ACL on Instant AP web interface:
  1. Login to web interface of Instant AP
  2. Click "New" to create a new SSID or select the network and click "Edit"
  3. Navigate to the "Access" section.
NOTE: By default, a role with the SSID name is automatically created. For example, in the below image the SSID name is "Employee-Wireless' and role by the same name is created.
  • Select the role and click on "New" for the Access Rules

User-added image

Below, in the image the clients are not allowed to access youtube. Any packet reaching to the domain "youtube" will be denied access.

User-added image

User-added image


Verification :


Verification of the configuration can be done from GUI or CLI. Following image shows the command line screen shot:

User-added image



Version history
Revision #:
1 of 1
Last update:
‎07-08-2014 01:52 PM
Updated by:
Labels (1)
Search Airheads
Showing results for 
Search instead for 
Did you mean: