Access Control Lists
After the initial setup, the access control (ACL) list needs to be configured, in order to prohibit unauthorized access to the controller. Choose SECURITY and then Access Control Lists | Access Control Lists and create an ACL by pressing New... The ACL shoud include at least
- the networks from which maintenance is carried out
- the address(es) of the monitoring server(s)
- the network(s) from which the APs and the WLAN clients get their addresses
- the address(es) of the RADIUS server(s)
- a rule to always answer ping commands
An example of an ACL is shown below. Inbound means packets towards the controller and outbound means packets towards the WLAN clients.
After you have specified the ACL you need to take it into use by first selecting Access Control Lists from the side bar and by choosing your ACL and specifying the CPU ACL Mode to Wired or Both.
<to be continued>