
Association-acl-policy, Chapter 11, Chapter – Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

53-1003098-01

Chapter 11

ASSOCIATION-ACL-POLICY

This chapter summarizes the association ACL policy commands in the CLI command structure. An
association ACL is a policy-based Access Control List (ACL) that either allows wireless clients to
connect to a controller-managed WLAN or prevents them from doing so.

System administrators can use an association ACL to grant or restrict wireless client access to the
WLAN by specifying client MAC addresses, or a range of MAC addresses, to either include or exclude
from controller connectivity. Association ACLs are applied to WLANs as an additional access control
mechanism.

Use the (config) instance to configure the association ACL policy. To navigate to the
association-acl-policy instance, use the following commands:

(config)#association-acl-policy

rfs7000-37FABE(config)#association-acl-policy test
rfs7000-37FABE(config-assoc-acl-test)#
rfs7000-37FABE(config-assoc-acl-test)#?
Association ACL Mode commands:
  deny     Specify MAC addresses to be denied
  no       Negate a command or set its defaults
  permit   Specify MAC addresses to be permitted

  clrscr   Clears the display screen
  commit   Commit all changes made in this session
  do       Run commands from Exec mode
  end      End current mode and change to EXEC mode
  exit     End current mode and down to previous mode
  help     Description of the interactive help system
  revert   Revert changes
  service  Service Commands
  show     Show running system information
  write    Write running configuration to memory or terminal

rfs7000-37FABE(config-assoc-acl-test)#

NOTE

If creating a new association ACL policy, provide a name specific to its function. Avoid naming it
after a WLAN it may support. The name cannot exceed 32 characters.

Before defining an association ACL policy and applying it to a WLAN, refer to the following
deployment guidelines to ensure the configuration is optimally effective:

The name and configuration of an association ACL policy should meet the requirements of the
WLANs it may map to. However, be careful not to name ACLs after specific WLANs, as
individual ACL policies can be used by more than one WLAN.

You cannot apply more than one MAC-based ACL to a layer 2 interface. If a MAC ACL is already
configured on a layer 2 interface and a new MAC ACL is applied to that interface, the new ACL
replaces the previously configured one.
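
The following pre-deployment check is an added example, not part of the Brocade guide or the controller software. It reviews a planned policy against the naming guidance above (32-character limit, no WLAN names) and flags malformed, inverted, or conflicting permit/deny MAC ranges. The function names, the (action, start, end) rule layout, and the sample data are assumptions made for illustration.

```python
import re

MAX_NAME_LEN = 32  # limit stated in the NOTE above

def mac_to_int(mac):
    """Parse AA-BB-CC-DD-EE-FF or AA:BB:CC:DD:EE:FF into a 48-bit integer."""
    if not re.fullmatch(r"[0-9A-Fa-f]{2}([-:][0-9A-Fa-f]{2}){5}", mac):
        raise ValueError(f"malformed MAC address: {mac!r}")
    return int(re.sub(r"[-:]", "", mac), 16)

def lint_policy(name, rules, wlan_names=()):
    """Return findings for a planned policy; rules are (action, start_mac, end_mac)."""
    findings = []
    if not name or len(name) > MAX_NAME_LEN:
        findings.append(f"name must be 1-{MAX_NAME_LEN} characters: {name!r}")
    if name.lower() in {w.lower() for w in wlan_names}:
        findings.append(f"name {name!r} matches a WLAN name; name it for its function")
    spans = []
    for idx, (action, start, end) in enumerate(rules, 1):
        if action not in ("permit", "deny"):
            findings.append(f"rule {idx}: unknown action {action!r}")
            continue
        try:
            lo, hi = mac_to_int(start), mac_to_int(end)
        except ValueError as exc:
            findings.append(f"rule {idx}: {exc}")
            continue
        if lo > hi:
            findings.append(f"rule {idx}: range start is above range end")
            continue
        # Flag permit/deny overlaps for human review. How the controller
        # resolves such overlaps is not covered here and is not modelled.
        for other_idx, other_action, olo, ohi in spans:
            if other_action != action and lo <= ohi and olo <= hi:
                findings.append(f"rule {idx} ({action}) overlaps rule {other_idx} ({other_action})")
        spans.append((idx, action, lo, hi))
    return findings

# Constructed sample input, not taken from any real deployment.
SAMPLE_RULES = [
    ("permit", "00-11-22-33-44-00", "00-11-22-33-44-FF"),
    ("deny", "00-11-22-33-44-80", "00-11-22-33-44-80"),  # single address
    ("deny", "00-11-22-33-55-FF", "00-11-22-33-55-00"),  # inverted range
]

if __name__ == "__main__":
    for finding in lint_policy("guest-wlan", SAMPLE_RULES, wlan_names=["Guest-WLAN"]):
        print(finding)
```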