I will have some outside vendors and support staff using wireless from inside my network. In order to try and setup a "secure" net for them to use that is segmented from the rest of my network, I created a new vlan (pspf enabled) and ssid for them. On the vlan I have setup and acl and applied it to the incoming traffic. Here it is:
10 permit icmp any any
20 permit udp any eq bootpc any
30 deny tcp any 10.0.0.0 0.255.255.255
40 deny udp any 10.0.0.0 0.255.255.255
50 permit tcp any any eq www
60 permit tcp any any eq 443
70 permit udp any any eq domain
80 deny ip any any log
I have tested it briefly and it appears to be doing what I want, any recommendations on tweaks?
We are moving! Please use WLCCA Forum for updates and discussions
[toc:faq] Wireless LAN Controller (WLC) Config Analyzer Download Click
here to Download To request access, send an e-mail to
email@example.com. Please include your Cisco.com userna...
[toc:faq] IntroductionHere is the step by step process that we have to
take care of while converting LWAPP to IOS and then vice versa..LWAPP to
IOSThe hardware used = 1141 AP (make sure we are using the right
[toc:faq] Introduction AnyConnect Secure Mobility Client 3.0: Network
Access Manager & Profile Editor on Windows Summary Use the Cisco
AnyConnect Network Access Manager Profile Editor to build custom
profiles for the AnyConnect Secure Mobility Client. App...