Cisco Wireless LAN Controller Configuration Guide
OL-9141-03
Chapter 5 Configuring Security Solutions
Configuring Access Control Lists
Step 8 Repeat this procedure to add any additional ACLs.
Step 9 To apply an ACL to a management, AP-manager, or dynamic interface, choose the desired ACL from the
ACL Name drop-down box on the interface’s Edit page and click Apply. See Chapter 3 for more
information on configuring controller interfaces.
Note You cannot apply an ACL to the NPU-CPU interface through the GUI. You can configure this
setting only through the CLI.
Step 10 To apply a preauthentication ACL to a WLAN for an external web server, choose the desired ACL from
the Preauthentication ACL drop-down box under Security Policies > Web Policy on the WLAN’s Edit
page. See Chapter 6 for more information on configuring WLANs.
Step 11 Click Save Configuration to save your changes.
Using the CLI to Configure Access Control Lists
Follow these steps to configure ACLs using the controller CLI.
Step 1 To see all of the ACLs that are configured on the controller, enter this command:
show acl summary
Step 2 To see detailed information for a particular ACL, enter this command:
show acl detailed acl_name
Step 3 To add a new ACL, enter this command:
config acl create acl_name
You can enter up to 32 alphanumeric characters for the acl_name parameter.
Step 4 To add a rule for an ACL, enter this command:
config acl rule {
action acl_name rule_index {permit | deny} |
add acl_name rule_index |
change index acl_name old_index new_index |
destination address acl_name rule_index ip_address netmask |
destination port range acl_name rule_index start_port end_port |
direction acl_name rule_index {in | out | any} |
dscp acl_name rule_index dscp |
protocol acl_name rule_index protocol |
source address acl_name rule_index ip_address netmask |
source port range acl_name rule_index start_port end_port |
swap index acl_name index_1 index_2}
Refer to Step 6 in the previous section for explanations of the rule parameters.
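As an added example (not part of the Cisco guide), the script below renders the Step 3 and Step 4 commands for a preauthentication ACL of the kind Step 10 of the GUI procedure applies to a WLAN for an external web server, and checks the acl_name limit before anything is sent to the controller. The ACL name PreauthWeb, the server address 192.0.2.10, the rule set, and the helper render_acl are hypothetical; the script assumes the protocol argument is the IP protocol number (6 for TCP).

```python
import ipaddress
import re

# The page allows up to 32 alphanumeric characters for acl_name.
ACL_NAME = re.compile(r"[A-Za-z0-9]{1,32}")


def render_acl(name, rules):
    """Return the CLI lines that create ACL `name`; rule_index is list position."""
    if not ACL_NAME.fullmatch(name):
        raise ValueError(f"acl_name must be 1-32 alphanumeric characters: {name!r}")
    lines = [f"config acl create {name}"]
    for index, rule in enumerate(rules, start=1):
        if rule["action"] not in ("permit", "deny"):
            raise ValueError(f"rule {index}: action must be permit or deny")
        if rule["direction"] not in ("in", "out", "any"):
            raise ValueError(f"rule {index}: direction must be in, out or any")
        lines.append(f"config acl rule add {name} {index}")
        for side in ("source", "destination"):
            if side in rule:
                # Strict parsing rejects an address with host bits set under its mask.
                net = ipaddress.ip_network(rule[side], strict=True)
                lines.append(f"config acl rule {side} address {name} {index} "
                             f"{net.network_address} {net.netmask}")
            if f"{side}_ports" in rule:
                start, end = rule[f"{side}_ports"]
                if not 0 <= start <= end <= 65535:
                    raise ValueError(f"rule {index}: bad {side} port range")
                lines.append(f"config acl rule {side} port range {name} {index} {start} {end}")
        if "protocol" in rule:
            # Assumption: the protocol argument is the IP protocol number (6 = TCP).
            lines.append(f"config acl rule protocol {name} {index} {rule['protocol']}")
        lines.append(f"config acl rule direction {name} {index} {rule['direction']}")
        lines.append(f"config acl rule action {name} {index} {rule['action']}")
    return lines


# Constructed sample: 192.0.2.10 is a documentation address standing in for the
# external web server; the ACL name and rules are hypothetical.
WEB_SERVER = "192.0.2.10/32"
PREAUTH_RULES = [
    {"destination": WEB_SERVER, "destination_ports": (443, 443), "protocol": 6,
     "direction": "any", "action": "permit"},   # client -> web server
    {"source": WEB_SERVER, "source_ports": (443, 443), "protocol": 6,
     "direction": "any", "action": "permit"},   # web server -> client
]

if __name__ == "__main__":
    print("\n".join(render_acl("PreauthWeb", PREAUTH_RULES)))
```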