Dell 6.2 Server User Manual

Open as PDF

of 869

539 | Remote AccessPoints DellPowerConnectW-SeriesArubaOS6.2 | User Guide

4. From the Policy Type drop-down list, select IPv4 Session.

5. To create the first rule:

a. Under Rules, click Add.

b. Under Source, select localip.

c. Under Destination, select any.

d. Under Action, select permit.

e. Click Apply.

Figure 174: Enable Restricted Access to LD Homepage

In the CLI

Use the localip keyword in the user role ACL.

By default, all users have an ACL entry of type any any deny. This rule restricts access to all users. When the ACL

is configured for a user role, if a user any permit ACL rule is configured, add a deny ACL before that for localip

for restricting the user from accessing the LD homepage.

Example:

ip access-list session logon-control

user localip svc-http deny

user any permit

Configuring the AAA Profile for Tunneling

After you configure the session ACL, you define the AAA profile used for split tunneling. When defining the AAA

parameters, specify the previously configured user role that contains the session ACL used for split tunneling.

If you enable RADIUS accounting in the AAA profile, the controller sends a RADIUS accounting start record to the

RADIUS server when a user associates with the remote AP, and sends a stop record when the user logs out or is

deleted from the user database. If interim accounting is enabled, the controller sends updates at regular intervals.

Each interim record includes cumulative user statistics, including received bytes and packets counters. For more

information on RADIUS accounting, see "RADIUS Accounting" on page 185

In the WebUI

1. Navigate to the Security > Authentication > AAA Profiles page. From the AAA Profiles Summary list, click

Add.

2. Enter the AAA profile name, then click Add.

3. Select the AAA profile that you just created.

a. For 802.1X Authentication Default Role, select the user role you previously configured for split tunneling,

then click Apply.

b. Under the AAA profile that you created, locate 802.1x Authentication Server Group, and select the

authentication server group to use, then click Apply.

4. (Optional) To enable RADIUS accounting:

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Dell 6.2 Server User Manual