We're implementing access control in the iAP for the first time - formerly done in upstream firewall, but it's time to allow one SSID better access than another.
The process seems straight forward, but I'm confused about direction.
The 6.3.1.1-4.0 User Guide states: "You can create rules for either inbound traffic or outbound traffic."
I've got a bunch of rules which appear to work exactly like I wish from wireless client to specific destination hosts, but I can't figure out how to enter a rule allowing a specific host to access one of the wireless clients.
three questions:
1. With regards to the iAP firewall, what is "inbound" and what is "outbound?"
2. It appears that the rules are tested sequentially and the first match is acted on, is that correct?
3. How do I allow a server in the wired network to access a client in the SSID/role covered by the ACL?