Site Allow List/Deny List

Enforce Site-Level Control Over RF Association

Configure Client Access Lists for clients at the site level. For more information, see Site Client Access Lists.

Enforce IP Address Protection

Protect critical network resources from MU clients by creating a list of Address Resolution Protocol (ARP) IPv4 addresses for network routers, gateway servers, and other critical servers. ExtremeCloud IQ Controller assigns the Quarantine Role to clients that use a reserved IPv4 address from this configured list and logs an entry indicating that the restricted IP address was hit.

The Critical IP Address List is configured per site. The list applies to all clients in the site. When a client uses a protected IP address, the following takes place:

All Address Resolution Protocol (ARP) traffic from that client is blocked.
The client is assigned to the Quarantine Role, and it remains on Quarantine until the client is disassociated from the network.
The following event log is generated:
Usage of reserved IP address detected. Client [], IP address []. Client will be assigned role Quarantine.

To view event logs, go to Tools > Logs > Events.

Note

Enforce IP Address Protection configuration changes only apply to new client registrations. Adding and removing IP addresses from the Critical IP Address List does not affect the state of the connected clients. In order to enforce or remove enforcement of a pre-existing client session, the session needs to be removed from the system – disassociate the client. Client re-association is processed according to the latest state of the Critical IP Address List.