Configuring an ACL to Restrict Local Debug Homepage Access
A user in split or bridge role using a Remote AP can log on to the local debug (LD) homepage
You will require the PEFNG (Policy Enforcement Firewall) license to use this feature. For complete information on the centralized licensing requirements, refer to the Aruba Mobility Master Licensing Guide.
Any user associated to that role can be allowed or denied access to the LD homepage. You can use the localip keyword in the ACL (Access Control List) rule to identify the local IP address on the Remote AP. The localip keyword identifies the set of all local IP addresses on the system to which the ACL is applied. The existing keywords Managed Device and mswitch indicate only the primary IP address on the Managed Device.
This release of ArubaOS provides localip keyword support only for Remote AP and not for Managed Device.
The following procedure describes how to configure an ACL to restrict local debug homepage access:
1. In the node hierarchy, navigate to the > tab.
2. Click to create a new policy.
3. Enter the policy name in the field.
4. From the drop-down list, select .
5. Click .
6. To create the first rule:
a. Select the policy created.
b. Click in the table .
c. Select the in the dialog box.
d. Click .
7. Enter the following details in the table:
e. From the drop-down list, select or .
f. Select from the drop-down list.
g. Select from the drop-down list.
h. Select from the drop-down list.
i. Select from the drop-down list.
j. Select from the drop-down list.
k. Click .
8. Click .
9. In the window, select the check box and click .
The following CLI commands configure an ACL to restrict local debug homepage access:
Use the localip keyword in the user role ACL.
All users have an ACL entry of type any any deny by default. This rule restricts access to all users. When an ACL is configured for a user role and it contains a user any permit rule, add a deny rule for localip before that rule to restrict the user from accessing the LD homepage.
Example:
(host) [md] (config) #ip access-list session logon-control
user localip svc-http deny
user any permit
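
The ordering requirement above can be checked offline against a saved configuration. The following Python script is an added example, not part of the Aruba documentation; it assumes rules use the single-keyword source and destination form shown on this page, and its function names and sample configuration are constructed for illustration.

```python
import re

# Constructed sample: the page's ACL with its prompt, the rules reversed, and no localip rule.
SAMPLE_CONFIG = """\
(host) [md] (config) #ip access-list session logon-control
  user localip svc-http deny
  user any permit
!
ip access-list session misordered
  user any permit
  user localip svc-http deny
!
ip access-list session no-localip
  user any permit
"""

ACL_HEADER = re.compile(r"^ip access-list session (\S+)$")

def parse_session_acls(config_text):
    """Return {acl_name: [(source, destination, action), ...]} in rule order."""
    acls, current = {}, None
    for raw in config_text.splitlines():
        # Drop a leading CLI prompt such as "(host) [md] (config) #".
        line = re.sub(r"^\(.*?#\s*", "", raw.strip())
        header = ACL_HEADER.match(line)
        if header:
            current = acls.setdefault(header.group(1), [])
        elif line == "!":
            current = None
        elif current is not None:
            tokens = line.split()
            if len(tokens) >= 3:  # source, destination, [service], action
                current.append((tokens[0], tokens[1], tokens[-1]))
    return acls

def audit_ld_homepage_acl(rules):
    """Rules are evaluated top-down, so report which relevant rule is hit first."""
    for source, destination, action in rules:
        if (source, destination, action) == ("user", "localip", "deny"):
            return "ok"  # LD homepage blocked before any broad permit
        if (source, destination, action) == ("user", "any", "permit"):
            return "exposed"  # broad permit hit first; localip deny missing or too late
    return "no-match"  # neither rule present in this ACL

def audit_config(config_text):
    return {n: audit_ld_homepage_acl(r) for n, r in parse_session_acls(config_text).items()}

if __name__ == "__main__":
    print(audit_config(SAMPLE_CONFIG))
```

An "exposed" result means the ACL needs the localip deny moved above the user any permit rule, as in the example on this page.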