Chapter 5
Configuring Security Solutions
Using the CLI to Apply Access Control Lists
Follow these steps to apply ACLs using the controller CLI.
Perform any of the following:
Step 1
•
•
•
•
•
To save your settings, enter this command:
Step 2
save config
OL-17037-01
To apply an ACL to a management, AP-manager, or dynamic interface, enter this command:
config interface acl {management | ap-manager | dynamic_interface_name} acl_name
Note
To see the ACL that is applied to an interface, enter show interface detailed {management
| ap-manager | dynamic_interface_name}. To remove an ACL that is applied to an interface,
enter config interface acl {management | ap-manager | dynamic_interface_name} none.
See
Chapter 3
for more information on configuring controller interfaces.
To apply an ACL to the data path, enter this command:
config acl apply acl_name
To apply an ACL to the controller CPU to restrict the type of traffic (wired, wireless, or both)
reaching the CPU, enter this command:
config acl cpu acl_name {wired | wireless | both}
To see the ACL that is applied to the controller CPU, enter show acl cpu. To remove the
Note
ACL that is applied to the controller CPU, enter config acl cpu none.
To apply an ACL to a WLAN, enter this command:
config wlan acl wlan_id acl_name
To see the ACL that is applied to a WLAN, enter show wlan wlan_id. To remove the ACL
Note
that is applied to a WLAN, enter config wlan acl wlan_id none.
To apply a preauthentication ACL to a WLAN, enter this command:
config wlan security web-auth acl wlan_id acl_name
See
Chapter 6
for more information on configuring WLANs.
Configuring and Applying Access Control Lists
Cisco Wireless LAN Controller Configuration Guide
5-65