Configure Access Control Rule

An Access Control Rule is used to further define an end user's network access based on the groups and policy roles with which the end user is associated.

To configure an Access Control Rule, take the following steps:

  1. Go to Onboard > Rules > Add.
  2. Access Control Rule Settings describes each setting and provides an example value configured for the Access Control Rule. Configure the following rule settings:
    Click to expand in new window
    Access Control Rule Configuration: Captive Portal Admins
    Access Control Rule: Block Client
    Table 1. Access Control Rule Settings
    Field Description
    Name Rule name. Example: Lab40-ICP Admin
    Rule Enabled Check to enable this rule.
    Conditions
    Note:
    • If you select Any, then the criteria is ignored during the rule match process.
    • If you select the Invert check box, it is considered a rule match if the end-system does not match the selected value.
    User-Group Any. No specific group configured.
    End-System Group The end-system group that you configured in Configure Access Control Group (Captive Portal Admins).

    End-systems that do not match any of the listed rules are assigned the Default Catchall rule.
    Device Type Group Any. No specific group configured.
    Location Group The location group that you configured that is affected by the rule. SSID: Lab40-ICP
    Accept Policy Associate a policy role with the Access Control Rule. Example: Captive Portal Admin. We configured this policy under Configure Admin Access Policy Role. The Default Action is defined in the policy rule.
    Portal Associate a captive portal with a rule. Our example uses the Default.

Next, review the Default Access Control Rules, then go to Onboard > Rules to define the rule precedence of the Access Control Rules.

9038919-00 Rev. AA