Dell 6.2 Server User Manual


  Open as PDF
of 869
 
15. Click the User Roles tab.
a. Click Add to create and configure a new user role.
b. Enter the desired name for the role in the Role Name field.
c. Under Firewall Policies, click Add.
d. From the Choose from Configured Policies drop-down menu, select the policy you just configured.
e. Click Done.
16. Click Apply.
Using the CLI
ap system-profile <profile>
lms-preemption
lms-hold-down period <seconds>netdestination <policy>
network <ipaddr> <netmask>
network <ipaddr> <netmask>
ip access-list session <policy>
any any svc-dhcp permit
any alias <name> any permit
user any any route src-nat
user-role <role>
session-acl <policy>
When defining the alias, there are a number of other session ACLs that you can create to define the handling of
local traffic, such as:
ip access-list session <policy>
user alias <name> any redirect 0
user alias <name> any route
user alias <name> any route src-nat
Configuring an ACL to Restrict Local Debug Homepage Access
A user in split or bridge role using a remote AP (RAP) can log on to the local debug (LD) homepage and perform a
reboot or reset operations. The LD homepage provides various information about the RAP and also has a button to
reboot the RAP. You can now restrict a RAP user from resetting or rebooting a RAP by using the localip keyword
in the in the user role ACL.
NOTE: You will require the PEFNG license to use this feature. See Software Licenses on page 100 for more information on licensing
requirements.
Any user associated to that role can be allowed or denied access to the LD homepage. You can use the localip
keyword in the ACL rule to identify the local IP address on the RAP. The localip keyword identifies the set of all
local IP addresses on the system to which the ACL is applied. The existing keywords controller and mswitch
indicate only the primary IP address on the controller.
NOTE: This release of ArubaOS provides localip keyword support only for RAP and not for controller.
In the WebUI
1. Navigate to the Configuration > Security > Access Control > Policies page.
2. Click Add to crete a new policy.
3. Enter the policy name in the Policy Name field.
DellPowerConnectW-SeriesArubaOS6.2 | User Guide RemoteAccessPoints | 538
 previous next