Brocade Communications Systems RFS7000 Network Router User Manual


  Open as PDF
of 839
 
Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide 313
53-1001931-01
Global Configuration commands
5
NOTE
All ACLs which had WLAN index are now replaced with ones that don't have WLAN index.
In the above process, the acl "110" had two rules which got replaced by only one rule because after
removal of WLAN index selector, both the rules look similar.
Follow the procedure below to manually upgrade the ACLs to the same configuration:
1. If all the rules in ACL have same WLAN index as selector and there are no other ACL rules, then
attach the ACL to the WLAN port.
In the above example, the ACL "macacl" has two rules for WLAN 14 which can be attached to
WLAN port as follows:
wlan-acl 14 macacl in
2. If the ACL has mix of rules – with different WLAN indices and without an WLAN indices, it
should be grouped as follows:
a. Create separate ACLs for all rules with a given WLAN index.
b. Create separate ACLs for rules which do not have any WLAN index.
To manually configure a Standard ACL, the example above has to be split into 3 ACLs.
ip access-list standard stdacl1
permit any rule-precedence 34
ip access-list standard stdacl2
permit host 10.0.0.10 rule-precedence 44
ip access-list standard stdacl3
deny host 30.0.0.14 rule-precedence 54
no access-list stdacl
wlan-acl 5 stdacl1 in
wlan-acl 6 stdacl2 in
The stdacl must be detached from the interface to which it was associated and stdacl3 must be
attached to that interface.
When the user explicitly creates ACL rules with WLAN index as selector, the controller consumes
that ACL without WLAN index selector. During this process a warning is raised to the user as
mentioned in the example below.
RFController(config)#access-list 14 permit any wlan 19 log
Warning : Acl rules with Wlan Index is deprecated. Wlan index configured for
the rule will be ignored. Please use wlan-acl CLI to apply ACLs on WLAN
Example
The example below applies an ACL to WLAN index 200 in an inbound direction from the global
config mode.
RFController(config)#wlan-acl 2 150 in
RFController(config)#
 previous next