Controllerless Networks

Reply
Highlighted
New Contributor

Is it possible to block VLANs / IP ranges for SSIDs using the Aruba IAP-205 VC interface?

We have 150+ Aruba IAP-205 access points in VC clusters for each site using different subnets.  We are looking to setup a guest network to only allow HTTP and HTTPS access.  I found a guide to help setup everything you will need to accomplish this.  I have the Guest SSID working but I don't want end users to be able to type in IP's of servers via HTTP / HTTPS.  

 

Granted, it takes them to a login screen for that service (content filter, spam filter, etc.) but I would rather they get nothing.

 

Here is what I currently have configured for Access in this order:

  • Allow dhcp to all destinations + log
  • Allow dns to all destinations + log
  • Allow http to all destinations + log
  • Allow https to all destinations + log 
  • Deny any to all destinations

I was hoping I could block our server's at the bottom of the list via VLANs or IP address range.  I didn't see anywhere to do this.

 

Thanks, experts.

 

 

 

 


Accepted Solutions
Highlighted
Moderator

Re: Is it possible to block VLANs / IP ranges for SSIDs using the Aruba IAP-205 VC interface?

When you're building your firewall policies, you should see a network and host options in the destination drop down.



If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

View solution in original post


All Replies
Highlighted
Moderator

Re: Is it possible to block VLANs / IP ranges for SSIDs using the Aruba IAP-205 VC interface?

When you're building your firewall policies, you should see a network and host options in the destination drop down.



If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

View solution in original post

Highlighted
New Contributor

Re: Is it possible to block VLANs / IP ranges for SSIDs using the Aruba IAP-205 VC interface?

That was it.  Glad it was an easy solution.

 

Thanks for the help.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: