Motorola WS5100 Series Cli Reference Manual page 229

wlan-acl 14 macacl in
2. If ACL has mix of rules – with different WLAN indices and without an WLAN indices,
then it should be grouped as follows.
a. Create separate ACLs for all rules with a given WLAN index.
b. Create separate ACLs for rules which do not have any WLAN index.
To manually configure the Standard ACL, in the above example, it has to be split into
3 ACLs.
ip access-list standard stdacl1
permit any rule-precedence 34
ip access-list standard stdacl2
permit host 10.0.0.10 rule-precedence 44
ip access-list standard stdacl3
deny host 30.0.0.14 rule-precedence 54
no access-list stdacl
wlan-acl 5 stdacl1 in
wlan-acl 6 stdacl2 in
The stdacl must be detached from the interface to which it was associated and stdacl3
must be attached to that interface.
When the user explicitly creates ACL rules with WLAN index as selector, the switch
consumes that ACL without WLAN index selector. During this process a warning is raised
to the user as mentioned in the example below.
WS5100(config)#access-list 14 permit any wlan 19 log
Warning : Acl rules with Wlan Index is deprecated. Wlan index
configured for the
rule will be ignored. Please use wlan-acl CLI to apply ACLs on WLAN
Example
The example below applies an ACL to WLAN index 200 in inbound direction from the
global config mode.
WS5100(config)#wlan-acl 2 150 in
WS5100(config)#
NOTE: A MAC access list entry to allow
IP based ACL to an interface. MAC ACL always takes precedence over
IP based ACL's.
Global Configuration Commands
is mandatory to apply an
arp
5-65