Filter
Top Products
Creating the Faculty Role and Policy
The faculty policy is similar to the student policy, however faculty members are allowed to use POP3 and SMTP for
VPN remote access from home. (Students are not permitted to use VPN remote access.) The faculty policy is
mapped to the faculty user role.
Using the WebUI
1. Navigate to the Configuration > Security > Access Control > Policies page. Click Add to add the faculty
policy.
2. For Policy Name, enter faculty.
3. For Policy Type, select IPv4 Session.
4. Under Rules, click Add to add rules for the policy.
a. Under Source, select user.
b. Under Destination, select alias, then select Internal Network.
c. Under Service, select service. In the Service scrolling list, select svc-telnet.
d. Under Action, select drop.
e. Click Add.
f. Repeat steps A-E to create rules for the following services: svc-ftp, svc-snmp, and svc-ssh.
5. Click Apply.
6. Select the User Roles tab. Click Add to create the faculty role.
7. For Role Name, enter faculty.
8. Under Firewall Policies, click Add. In Choose from Configured Policies, select the faculty policy you previously
created. Click Done.
In the CLI
(host)(config) #ip access-list session faculty
user alias “Internal Network” svc-telnet deny
user alias “Internal Network” svc-ftp deny
user alias “Internal Network” svc-snmp deny
user alias “Internal Network” svc-ssh deny
(host)(config) #user-role faculty
session-acl faculty
session-acl allowall
Creating the Guest Role and Policy
The guest policy permits only access to the Internet (via HTTP or HTTPS) and only during daytime working hours.
The guest policy is mapped to the guest user role.
In the WebUI
1. Navigate to the Configuration > Security > Access Control > Time Ranges page to define the time range
“working-hours”. Click Add.
a. For Name, enter working-hours.
b. For Type, select Periodic.
c. Click Add.
d. For Start Day, click Weekday.
e. For Start Time, enter 07:30.
f. For End Time, enter 17:00.
DellPowerConnectW-SeriesArubaOS6.2 | User Guide 802.1XAuthentication | 206