Configuring Access Control Lists - Cisco SD2008T-NA Configuration Manual

4400 Series Wireless LAN Controller
Configuring Access Control Lists

Use these commands to configure DHCP option 82 on the controller.

1. To configure the format of the DHCP option 82 payload, enter one of these commands:

   config dhcp opt-82 remote-id ap_mac
   This command adds the MAC address of the access point to the DHCP option 82 payload.

   config dhcp opt-82 remote-id ap_mac:ssid
   This command adds the MAC address and SSID of the access point to the DHCP option 82 payload.

2. To enable or disable DHCP option 82 on the controller, enter this command:

   config interface dhcp ap-manager opt-82 {enable | disable}

3. To see the status of DHCP option 82 on the controller, enter this command:

   show interface detailed ap-manager

   Information similar to the following appears:

   Interface Name................................... ap-manager
   IP Address....................................... 10.30.16.13
   IP Netmask....................................... 255.255.248.0
   IP Gateway....................................... 10.30.16.1
   VLAN............................................. untagged
   Active Physical Port............................. LAG (29)
   Primary Physical Port............................ LAG (29)
   Backup Physical Port............................. Unconfigured
   Primary DHCP Server.............................. 10.1.0.10
   Secondary DHCP Server............................ Unconfigured
   DHCP Option 82................................... Enabled
   ACL.............................................. Unconfigured
   AP Manager....................................... Yes

Configuring Access Control Lists

An access control list (ACL) is a set of rules used to limit access to a particular interface (for example, if you want to restrict a wireless client from pinging the management interface of the controller). ACLs can be applied to data traffic to and from wireless clients or to all traffic destined for the controller CPU. After they are defined, ACLs can be applied to the management interface, the AP-manager interface, or any of the dynamic interfaces for client data traffic or to the NPU interface for traffic to the controller CPU.

Note: If you are using an external web server, you must configure a preauthentication ACL on the WLAN for the external web server.

You can define up to 64 ACLs, each with up to 64 rules (or filters). Each rule has parameters that affect its action. When a packet matches all of the parameters for a rule, the action set for that rule is applied to the packet.

You can configure ACLs through either the GUI or the CLI.

Cisco Wireless LAN Controller Configuration Guide, page 5-8
Chapter 5
Configuring Security Solutions
OL-9141-03
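
As an added example (not part of the Cisco guide), the Python code below parses the "show interface detailed ap-manager" output shown on this page and reports the two settings the page covers: whether an ACL is applied to the interface and whether DHCP option 82 is enabled. The names parse_interface, audit and want_opt82 are assumptions made for this example; the sample text is the output printed on this page.

```python
import re

# Sample input: the "show interface detailed ap-manager" output printed on this page.
SAMPLE = """\
Interface Name................................... ap-manager
IP Address....................................... 10.30.16.13
IP Netmask....................................... 255.255.248.0
IP Gateway....................................... 10.30.16.1
VLAN............................................. untagged
Active Physical Port............................. LAG (29)
Primary Physical Port............................ LAG (29)
Backup Physical Port............................. Unconfigured
Primary DHCP Server.............................. 10.1.0.10
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Enabled
ACL.............................................. Unconfigured
AP Manager....................................... Yes
"""

# A field line is a label, a leader of two or more dots, then the value.
FIELD = re.compile(r"^(?P<key>.+?)\.{2,}\s*(?P<value>.*)$")

def parse_interface(text):
    """Turn 'Label..... value' lines into a dict; lines without a leader are skipped."""
    fields = {}
    for line in text.splitlines():
        m = FIELD.match(line.strip())
        if m:
            fields[m.group("key").strip()] = m.group("value").strip()
    return fields

def audit(fields, want_opt82=True):
    """Return findings for the ACL and DHCP Option 82 fields (hypothetical policy)."""
    name = fields.get("Interface Name", "<unknown>")
    findings = []
    acl = fields.get("ACL")
    if acl is None:
        findings.append(f"{name}: ACL field missing from output")
    elif acl.lower() == "unconfigured":
        findings.append(f"{name}: no ACL applied")
    opt82 = fields.get("DHCP Option 82")
    if opt82 is None:
        findings.append(f"{name}: DHCP Option 82 field missing from output")
    elif (opt82.lower() == "enabled") != want_opt82:
        findings.append(f"{name}: DHCP option 82 reported as {opt82!r}")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_interface(SAMPLE)):
        print(finding)
```

Run against output saved from each controller interface, this gives a quick record of which interfaces have no ACL applied after a configuration change.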

This manual is also suitable for:

Sfe2000p, 4402, 4404, 2000 series, 2100 series
