An association ACL is a policy-based ACL that either allows or denies clients from connecting to a controller, service platform or access point managed WLAN. An association ACL affords a system administrator the ability to restrict access by specifying a client MAC address or range of addresses to either include or exclude from WLAN connectivity.
Association ACLs are applied to WLANs as an additional access control mechanism. They can be applied to WLANs from within a WLAN Policy's Advanced Configuration screen. For more information on applying an existing association ACL to a WLAN, see Configuring Advanced WLAN Settings.
Each supported access point model supports 32 association ACLs.
To define an association ACL deployable with a WLAN:
Any of the policies listed in the Association Access Control List (ACL) screen can be selected and applied.
An Association ACL screen displays for defining a new ACL or modifying a selected ACL.
Association ACL | If you are creating an new Association ACL, provide a name specific to its function. Avoid naming it after the WLAN it supports. The name cannot exceed 32 characters. |
Precedence | The rules within a WLAN's ACL are applied to packets based on precedence. Every rule has a unique sequential precedence value you define. You cannot add two rules with the same precedence. The default precedence is 1, so be careful to prioritize ACLs accordingly as they are added. |
Starting MAC Address |
Provide a starting client MAC address for non unicast and multicast packet transmissions. |
Ending MAC Address |
Provide an ending client MAC address for non unicast and multicast packet transmissions. |
Allow/Deny | Use the drop-down menu to Allow or Deny access if a MAC address matches this rule. |