Yes, a user role can be used to restrict (or allow) certain types of traffic.
I would caution restricting only port 443 traffic until verifying if other traffic types are required like DHCP/DNS/NTP/etc.
@Uni_SKF_BT_123 wrote:
can we have an acl configured on the wlc , to restrict the ssid subnet only for ssl traffic on port 443 ?
if this could be done, then this acl just needs to be applied on the user-role rather than logon-role right ?