use
bridge
Associates a captive-portal, access control list (IPv4, IPv6, or MAC), and/or a URL filter with this bridge VLAN
Supported in the following platforms:
- Access Points — AP310i/e, AP410i/e, AP460i/e, AP560i/h,
AP510i/e, AP505i, AP7522, AP7532, AP7562, AP7612, AP7632, AP7662, AP8432, AP8533
- Service Platforms
— NX5500, NX7500, NX9500, NX9600, VX9000
use [application-policy|captive-portal|ip-access-list|ipv6-access-list|mac-access-list|
purview-application-policy|url-filter]
use application-policy <APP-POLICY-NAME>
use captive-portal <CAPTIVE-PORTAL-NAME>
use [ip-access-list|ipv6-access-list|mac-access-list] tunnel out <IP/ipv6/MAC-ACCESS-LIST-NAME>
use url-filter <URL-FILTER-NAME>
use purview-application-policy <PURVIEW-APP-POLICY-NAME>
Parameters
use application-policy <APP-POLICY-NAME>
| use
application-policy <APP-POLICY-NAME> |
Enforces
application detection on this VLAN bridge
- <APP-POLICY-NAME> –
Specify the application policy name (should be existing and
configured).
- For
more information on application definitions and
application policy, see application and application-policy.
|
use captive-portal <CAPTIVE-PORTAL-NAME>
| use
captive-portal |
Applies an
existing captive portal configuration to restrict access to the bridge VLAN
configuration A captive
portal is an access policy for providing temporary and restrictive access
using a standard Web browser. Captive portals provide authenticated
access by capturing and re-directing a wireless user's Web browser
session to a captive portal login page where the user must enter valid
credentials to access to the network. Once logged into the captive
portal, additional terms and agreement, welcome, fail, and no-service
pages provide the administrator with a number of options on captive
portal screen flow and user appearance.
- <CAPTIVE-PORTAL-NAME> – Specify the captive portal name.
|
use [ip-access-list|ipv6-access-list|mac-access-list] tunnel out <IP/IPv6/MAC-ACCESS-LIST-NAME>
| use |
Sets this VLAN
bridge policy to use an IPv4/IPv6 access list or a MAC access list |
| ip-access-list |
Associates a
pre-configured IPv4 access list with this VLAN-bridge interface |
| ipv6-access-list |
Associates a
pre-configured IPv6 access list with this VLAN-bridge interface |
| mac-access-list |
Associates a
pre-configured MAC access list with this VLAN- bridge interface |
| tunnel out
<IP/IPv6/MAC-ACCESS-LIST-NAME> |
The following
keywords are common to the ‘IPv4/IPv6 access list‘ and ‘MAC access list‘
parameters:
- tunnel – Applies IPv4/IPv6
access list or MAC access list to all packets going into the tunnel
- out – Applies
IPv4/IPv6 access list or MAC access list to all outgoing
packets
- <IP/IPv6/MAC-ACCESS-LIST-NAME> – Specify the
IP/IPv6 access list or MAC access list name.
|
use url-filter <URL-FILTER-NAME>
| use
url-filter |
Sets this VLAN
bridge to use a URL filter |
| <URL-FILTER-NAME> |
Specify the URL
filter name. It should be existing and configured. This option enforces URL filtering on the VLAN
bridge.
|
use purview-application-policy <PURVIEW-APP-POLICY-NAME>
| use purview-application-policy
<PURVIEW-APP-POLICY-NAME> |
Enforces application detection on
this VLAN bridge |
Example
nx9500-6C8809(config-profile testnx9500-bridge-vlan-1)#use mac-access-list tunnel out PERMIT-ARP-AND-IPv4
nx9500-6C8809(config-profile testnx9500-bridge-vlan-1)#show context
bridge vlan 1
l2-tunnel-broadcast-optimization
tunnel-over-level2
ip igmp snooping
ip igmp snooping querier
ipv6 mld snooping
ipv6 mld snooping querier
use mac-access-list tunnel out PERMIT-ARP-AND-IPv4
nx9500-6C8809(config-profile testnx9500-bridge-vlan-1)#
Related Commands
| no |
Disables or
reverts VLAN Ethernet bridge settings |
