beautypg.com

Role-policy, Chapter 19, Chapter – Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 1095

background image

Brocade Mobility RFS Controller CLI Reference Guide

1087

53-1003098-01

Chapter

19

ROLE-POLICY

This chapter summarizes the role policy commands in the CLI command structure.

A well defined role policy simplifies user management, and is a significant aspect of WLAN
management. It acts as a role based firewall (much like ACLs) consisting of user-defined roles.
Each role has a set of match criteria (filters) used to filter wireless clients. The action taken when a
client matches the defined filters, is determined by the IP or MAC ACL associated with the
user-defined role. Based on the conditions specified in the IP and/or MAC ACL, clients are granted
or denied access to the controller managed network. The role policy also defines the VLAN and
data rates assigned to clients provided network access.

A role policy also enables LDAP service, allowing controllers and access points to retrieve user
information from the LDAP server. This information is matched with the user-defined role filters to
determine if a client matches the role or not, and should be allowed or denied access to the
controller managed network.

Use the (config-role-policy) instance to configure role policy related configuration commands. To
navigate to the
config-role instance, use the following commands:

(config)#role-policy

rfs7000-37FABE(config)#role-policy test

rfs7000-37FABE(config-role-policy-test)#?

Role Policy Mode commands:

default-role Configuration for Wireless Clients not matching any role

ldap-deadperiod Ldap dead period interval

ldap-query Set the ldap query mode

ldap-server Add a ldap server

ldap-timeout Ldap query timeout interval

no Negate a command or set its defaults

user-role Create a role

clrscr Clears the display screen

commit Commit all changes made in this session

do Run commands from Exec mode

end End current mode and change to EXEC mode

exit End current mode and down to previous mode

help Description of the interactive help system

revert Revert changes

service Service Commands

show Show running system information

write Write running configuration to memory or terminal

rfs7000-37FABE(config-role-policy-test)#

role-policy

ROLE-POLICY

See also other documents in the category Brocade Computer Accessories: