09-21-2018 10:34 AM
Hi, I'm running an HA pair of Aruba OAW-7210 with a few SSID's tied to a few VLAN's. Wanted to know if there is a way to create an MAC ACL for a specific SSID to allow traffic from specific MAC OUI, on that VLAN, to a few designated servers only. Essentially, blocking specific MAC from accessing anything else but what is listed in the policy.
I realize this would be a much easier task if I had RADIUS or Clearpass but circumstance dictates otherwise.
I appreciate the help.
Solved! Go to Solution.
09-21-2018 11:33 AM
- Create a role with your filtered ACLS
- Create a user derivation rule where if the mac OUI is seen it assigns users to that role. https://community.arubanetworks.com/t5/Controller-Based-WLANs/How-do-I-use-the-user-derivation-rule-to-set-the-role-using-a/ta-p/182426
- Assign that user derivation rule to the AAA profile assigned to that Virtual AP:
*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars