Filter
Top Products
303 | Rolesand Policies DellPowerConnectW-SeriesArubaOS6.2 | User Guide
Creating a User Role
The following example creates the user role ‘web-guest’ and assigns the previously-configured ‘web-only’ policy to this
user role.
In the WebUI
1. Navigate to the Configuration > Security > Access Control > User Roles page.
2. Click Add to create and configure a new user role.
3. Enter web-guest for Role Name.
4. Under Firewall Policies, click Add. From Choose from Configured Policies, select the ‘web-only’ session policy
from the list. You can click Create to create and configure a new policy.
5. Click Done to add the policy to the user role.
NOTE: If there are multiple policies for this role, policies can be re-ordered by the using the up and down buttons provided for
each policy.
6. You can optionally enter configuration values as described in Table 81.
7. Click Apply to apply this configuration. The role is not created until the configuration is applied.
After assigning the user role (see "Assigning User Roles" on page 305), you can click the Show Reference button to
see the profiles that reference this user role.
To a delete a user role in the WebUI:
1. Navigate to the Configuration > Security > Access Control > User Roles page.
2. Click the Delete button against the role you want to delete.
NOTE: You cannot delete a user-role that is referenced to profile or server derived role. Deleting a server referenced role will result
in an error. Remove all references to the role and then perform the delete operation.
In the CLI
(host)(config) #user-role web-guest
access-list session web-only position 1
After assigning the user role (see "Assigning User Roles" on page 305), you can use the show reference user-role
<role> command to see the profiles that reference this user role.
Bandwidth Contracts
You can manage bandwidth utilization by assigning maximum bandwidth rates, or
bandwidthcontracts
, to user roles
or ap-group. You can configure bandwidth contracts, in kilobits per second (Kbps) or megabits per second (Mbps),
for the following types of traffic:
l from the client to the controller (“upstream” traffic)
l from the controller to the client (“downstream” traffic)
You can assign different bandwidth contracts to upstream and downstream traffic for the same user role. You can
also assign a bandwidth contract for only upstream or only downstream traffic for a user role; if there is no bandwidth
contract specified for a traffic direction, unlimited bandwidth is allowed.
By default, all users that belong to the same role share a configured bandwidth rate for upstream or downstream
traffic. You can optionally apply a bandwidth contract on a
per-user
or
per-ap-group
basis; each user who belongs to
the role is allowed the configured bandwidth rate.