use
bridge
Associates a captive-portal, access control list (IPv4, IPv6, or MAC), and/or a URL filter with this bridge VLAN
Supported on the following devices:
- Access Points: AP5010, AP310i/e, AP410i/e, AP505i, AP510i, AP510e, AP560i, AP6522, AP6562, AP7161, AP7502,
AP7522, AP7532, AP7562, AP7602, AP7612, AP7622, AP763, AP7662, AP8163, AP8543,
AP8533.
- Service Platforms:
NX5500, NX7500, NX9500, NX9600
- Virtual Platforms: CX9000, VX9000
use [application-policy|captive-portal|ip-access-list|ipv6-access-list|mac-access-list|url-filter]
use application-policy <APP-POLICY-NAME>
use captive-portal <CAPTIVE-PORTAL-NAME>
use [ip-access-list|ipv6-access-list|mac-access-list] tunnel out <IP/ipv6/MAC-ACCESS-LIST-NAME>
use url-filter <URL-FILTER-NAME>
Parameters
use application-policy <APP-POLICY-NAME>
| use
application-policy <APP-POLICY-NAME> |
Enforces
application detection on this VLAN bridge
- <APP-POLICY-NAME> –
Specify the application policy name (should be existing and
configured).
- For
more information on application definitions and
application policy, see application and application-policy.
|
use captive-portal <CAPTIVE-PORTAL-NAME>
| use
captive-portal |
Applies an
existing captive portal configuration to restrict access to the bridge VLAN
configuration A captive
portal is an access policy for providing temporary and restrictive access
using a standard Web browser. Captive portals provide authenticated
access by capturing and re-directing a wireless user's Web browser
session to a captive portal login page where the user must enter valid
credentials to access to the network. Once logged into the captive
portal, additional terms and agreement, welcome, fail, and no-service
pages provide the administrator with a number of options on captive
portal screen flow and user appearance.
- <CAPTIVE-PORTAL-NAME> – Specify the captive portal name.
|
use [ip-access-list|ipv6-access-list|mac-access-list] tunnel out <IP/IPv6/MAC-ACCESS-LIST-NAME>
| use |
Sets this VLAN
bridge policy to use an IPv4/IPv6 access list or a MAC access list |
| ip-access-list |
Associates a
pre-configured IPv4 access list with this VLAN-bridge interface |
| ipv6-access-list |
Associates a
pre-configured IPv6 access list with this VLAN-bridge interface |
| mac-access-list |
Associates a
pre-configured MAC access list with this VLAN- bridge interface |
| tunnel out
<IP/IPv6/MAC-ACCESS-LIST-NAME> |
The following
keywords are common to the ‘IPv4/IPv6 access list‘ and ‘MAC access list‘
parameters:
- tunnel – Applies IPv4/IPv6
access list or MAC access list to all packets going into the tunnel
- out – Applies
IPv4/IPv6 access list or MAC access list to all outgoing
packets
- <IP/IPv6/MAC-ACCESS-LIST-NAME> – Specify the
IP/IPv6 access list or MAC access list name.
|
use url-filter <URL-FILTER-NAME>
| use
url-filter |
Sets this VLAN
bridge to use a URL filter |
| <URL-FILTER-NAME> |
Specify the URL
filter name. It should be existing and configured. This option enforces URL filtering on the VLAN
bridge.
|
Example
nx9500-6C8809(config-profile-default-rfs4000-bridge-vlan-1)#use mac-access-list tunnel out PERMIT-ARP-AND-IPv4
nx9500-6C8809(config-profile-default-rfs4000-bridge-vlan-1)#show context
bridge vlan 1
ip igmp snooping
ip igmp snooping querier
use mac-access-list tunnel out PERMIT-ARP-AND-IPv4
nx9500-6C8809(config-profile-default-rfs4000-bridge-vlan-1)#
Related Commands
| no |
Disables or
reverts VLAN Ethernet bridge settings |
