Controllerless Networks

last person joined: 2 days ago 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

Is it possible to block VLANs / IP ranges for SSIDs using the Aruba IAP-205 VC interface?

This thread has been viewed 0 times

  • 1.  Is it possible to block VLANs / IP ranges for SSIDs using the Aruba IAP-205 VC interface?

    Posted Jul 18, 2016 07:52 PM

    We have 150+ Aruba IAP-205 access points in VC clusters for each site using different subnets.  We are looking to setup a guest network to only allow HTTP and HTTPS access.  I found a guide to help setup everything you will need to accomplish this.  I have the Guest SSID working but I don't want end users to be able to type in IP's of servers via HTTP / HTTPS.  

     

    Granted, it takes them to a login screen for that service (content filter, spam filter, etc.) but I would rather they get nothing.

     

    Here is what I currently have configured for Access in this order:

    • Allow dhcp to all destinations + log
    • Allow dns to all destinations + log
    • Allow http to all destinations + log
    • Allow https to all destinations + log 
    • Deny any to all destinations

    I was hoping I could block our server's at the bottom of the list via VLANs or IP address range.  I didn't see anywhere to do this.

     

    Thanks, experts.

     

     

     

     



  • 2.  RE: Is it possible to block VLANs / IP ranges for SSIDs using the Aruba IAP-205 VC interface?
    Best Answer

    EMPLOYEE
    Posted Jul 18, 2016 07:55 PM

    When you're building your firewall policies, you should see a network and host options in the destination drop down.



  • 3.  RE: Is it possible to block VLANs / IP ranges for SSIDs using the Aruba IAP-205 VC interface?

    Posted Jul 19, 2016 11:51 AM

    That was it.  Glad it was an easy solution.

     

    Thanks for the help.