Motorola WS5100 Series Migration Guide page 151

NOTE: All ACLs which had a WLAN index are now replaced with ones
that don't have a WLAN index.
In the above process, the ACL "110" had two rules which were replaced by
a single rule because, after removal of the WLAN index selector, both
rules look alike.
Follow the procedure below to manually upgrade the ACLs to the same configuration:
1. If all the rules in the ACL have the same WLAN index as selector and there are no other ACL rules, then attach
the ACL to the WLAN port.
In the above example, the ACL "macacl" has two rules for WLAN 14, so it can be attached to the WLAN
port as follows:
wlan-acl 14 macacl in
2. If the ACL has a mix of rules, some with different WLAN indices and some without any WLAN index, then the rules should be
grouped as follows.
a. Create separate ACLs for all rules with a given WLAN index.
b. Create separate ACLs for rules which do not have any WLAN index.
To manually configure the standard ACL in the above example, it has to be split into 3 ACLs:
ip access-list standard stdacl1
permit any rule-precedence 34
ip access-list standard stdacl2
permit host 10.0.0.10 rule-precedence 44
ip access-list standard stdacl3
deny host 30.0.0.14 rule-precedence 54
no access-list stdacl
wlan-acl 5 stdacl1 in
wlan-acl 6 stdacl2 in
The ACL stdacl must be detached from the interface to which it was associated, and stdacl3 must be attached
to that interface.
When the user explicitly creates ACL rules with a WLAN index as selector, the switch consumes that ACL
without the WLAN index selector. During this process a warning is raised to the user, as shown in the
example below.
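
The manual split in steps 1 and 2 can be scripted; the following is an added example, not part of the Motorola guide. The input ACL is constructed, and the position of `wlan <index>` within a rule is an assumption based on the `permit any wlan 19 log` rule shown on this page.

```python
import re

# Constructed pre-upgrade ACL. Placing "wlan <index>" after the match is an
# assumption modelled on the manual's "permit any wlan 19 log" rule.
OLD_ACL = """\
ip access-list standard stdacl
permit any wlan 5 rule-precedence 34
permit host 10.0.0.10 wlan 6 rule-precedence 44
deny host 30.0.0.14 rule-precedence 54
"""

WLAN_RE = re.compile(r"\s+wlan\s+(\d+)\b")

def split_acl(config, direction="in"):
    """Return (cli_lines, interface_acl) for one ACL with WLAN selectors.

    interface_acl names the ACL holding the rules that had no WLAN index; it
    must be attached by hand to the interface the old ACL used (None if no
    such rules exist).
    """
    lines = [ln.strip() for ln in config.splitlines() if ln.strip()]
    header, rules = lines[0], lines[1:]
    prefix, name = header.rsplit(None, 1)   # "ip access-list standard", "stdacl"
    groups = {}                             # WLAN index (None = no selector) -> rules
    for rule in rules:
        m = WLAN_RE.search(rule)
        index = int(m.group(1)) if m else None
        groups.setdefault(index, []).append(WLAN_RE.sub("", rule))
    if set(groups) == {None}:               # no WLAN selectors: nothing to migrate
        return [], name
    # Step 1: every rule names the same WLAN, so the ACL is attached as it is.
    if len(groups) == 1:
        return [f"wlan-acl {next(iter(groups))} {name} {direction}"], None
    # Step 2: one ACL per WLAN index, then one for the rules without an index.
    order = [k for k in groups if k is not None] + [k for k in groups if k is None]
    cli, attach, interface_acl = [], [], None
    for n, index in enumerate(order, start=1):
        new_name = f"{name}{n}"
        cli.append(f"{prefix} {new_name}")
        cli.extend(groups[index])
        if index is None:
            interface_acl = new_name
        else:
            attach.append(f"wlan-acl {index} {new_name} {direction}")
    return cli + [f"no access-list {name}"] + attach, interface_acl

if __name__ == "__main__":
    commands, leftover = split_acl(OLD_ACL)
    print("\n".join(commands))
    print(f"attach {leftover} to the interface that used the old ACL")
```

Compare the generated lines with the running configuration after the upgrade before removing the old ACL, since rules that differ only by WLAN index are merged by the automatic conversion.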
WS5100(config)#access-list 14 permit any wlan 19 log
Warning : Acl rules with Wlan Index is deprecated. Wlan index configured for the
rule will be ignored. Please use wlan-acl CLI to apply ACLs on WLAN
Example
The example below applies an ACL to WLAN index 200 in inbound direction from the global config mode.
WS5100(config)#wlan-acl 2 150 in
WS5100(config)#
NOTE: A MAC access list entry to allow arp is mandatory to apply an
IP based ACL to an interface. MAC ACL always takes precedence over
IP based ACLs.
The example below applies an ACL to WLAN index 200 in outbound direction from the global config mode.
