Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

WLC ACL For Internet Access Only

I've implemented  Cicso ISE 3495's with the advanced subscription license.  I've built my policy sets, and authorization profiles.  It all works great!  Here's the issue that I'm having.  I have internal employees who bring in their own devices (BYOD).  I want to allow them onto the secured SSID that I've created, but only want to give them access to the intra/internet.  I've created an ACL (EmpInternetOnly) on the WLC.  Here are my rules:

 

//
//
//
//
//
//
//
//
//
//
//
//
//
//   
  

 

I can get to the intranet, with no issue (ACL lines 1-4).  I can't get to the internet whatsoever.  I see everything falling down to the deny statement.  When I remove the deny statement (ACL line 14), and put a permit all, then the internet works with no issue.  Am I missing something here?  I've researched this topic on several message boards, but can't find an answer.  I've tried to run the acl debug, on the controller, but do not see any output when I run it.  It might be because I don't understand the proper format of how to set it up.  Any and all replies would be much appreciated!  Thanks!

 

Steve

Everyone's tags (1)
1 REPLY
New Member

(No subject)

472
Views
0
Helpful
1
Replies
CreatePlease to create content