WLC ACL Assistance

Unanswered Question
Mar 7th, 2008

Hello,

I am totally new to wireless security and would appreciate some assistance. We have 4402 WLC's and from what I've read it would seem that a CPU ACL is what I would need to create and apply to accomplish our goals. Unfortunately I am not sure what interface to apply it on and what type it should be.

Our scenario is we have wireless clients that we would like to limit traffic to certain services by applying ACL's. The ACL needs to limit traffic originating on our wireless network (10.10.130.x) to the following networks on the following ports:

Networks:

192.168.130.x/24

192.168.131.x/24

192.168.100.x/24

192.168.102.x/24

192.168.105.x/24

Services:

DHCP/BOOTP

DNS

ICMP (PING)

TELNET

My interfaces on the WLC are set up as the following:

ap-manager vlan 10 10.10.130.251 static enabled

management vlan 10 10.10.130.250 static not supported

service-port N/A 192.168.130.50 static not supported

virtual N/A 1.1.1.1 static not supported

How may I accomplish this?

Thank you for your help,

Michael

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3.5 (2 ratings)
Loading.
michael-montgomery Fri, 03/14/2008 - 16:45

Thanks for the response and doc. In our config we do not have a dynamic interface created and I was trying to accomplish this w/o one. I was able to apply the acl to the wlan and override the interface acl, and so far this seems to work.

Actions

This Discussion

 

 

Trending Topics - Security & Network