Filter
Top Products
301 | Rolesand Policies DellPowerConnectW-SeriesArubaOS6.2 | User Guide
traffic from being automatically forwarded to the controller if it was not specifically denied in a blacklist. The
maximum number of entries allowed in the ACL White List is 64. To create an ACL white list, you must first
define a white list bandwidth contract, and then assign it to an ACL.
In the WebUI
1. Navigate to the Configuration > Advanced Services > Stateful Firewall > White List BW Contracts page.
2. Click Add to create a new contract.
3. In the White list contract name field, enter the name of a bandwidth contract.
4. The Bandwidth Rate field allows you to define a bandwidth rate in either kbps or Mbps. Enter a rate value the
Bandwidth rate field, then click the drop-down list and select either kbps or Mbps.
5. Click Done.
Configuring the ACL White List in the WebUI
1. Navigate to the Configuration > Stateful Firewall > ACL White List page.
2. To add an entry, click the Add button at the bottom of the page. The Add New Protocol section displays.
3. Click the Action drop-down list and select Permit or Deny. Permit allows session traffic to be forwarded to the
controller while Deny blocks session traffic.
4. In the IP Protocol Number field, enter the number for a protocol used by session traffic.
5. In the Starting Ports field, enter a starting port. This is the first port, in the port range, on which permitted or
denied session traffic is running. Port range: 1–65535.
6. In the End Ports field, enter an ending port. This is the last port, in the port range, on which permitted or
denied session traffic is running. Port range: 1–65535.
7. (Optional) Click the White list Bandwidth Contract drop-down list and specify the name of a bandwidth
contract to apply to the session traffic. For further information on creating Bandwidth Contracts, see
"Configuring a Bandwidth Contract in the WebUI" on page 304
8. Click Done. The ACL displays on the white list section.
9. To delete an entry, click Delete next to the entry you want to delete.
10. Click Apply to save changes.
Configuring the White List Bandwidth Contract in the CLI
cp-bandwidth-contract <name> {mbits <1..2000>}|{kbits <256..2000000>}
Configuring the ACL White List in the CLI
Use the following CLI command to create ACL White Lists.
(host) (config) #firewall cp {deny|permit} proto <IP protocol number> ports <start port
number> <last port number> [bandwidth-contract <name>]
To create a whitelist ACL entry that permits traffic using protocol 6 on ports 5000 through 6000 to be forwarded to
the controller:
(host) (config-fw-cp) #firewall cp permit proto 6 ports 5000 6000
To create a whitelist ACL entry that denies traffic using protocol 2 on port 5000 from being forwarded to the
controller:
(host) (config-fw-cp) #firewall cp deny proto 2 ports 5000 5000