Use the access-control command to configure access to APs and/or controllers assigned this role. The access-control command is accessible from within the role:<named-role> context.
none | Specifies no access allowed. |
no-change | Specifies no change to current access status (keep using previous role/filter). |
allow | Specifies access allowed. |
deny | Specifies access denied. |
new | Specifies new. |
containment vlan-id | Specifies a containment VLAN access, by the VLAN ID. |
redirect | Specifies redirection based on policy rules. |
If the access-control command is set to no-change, any filters that exist in the previous role are applied to this station. For example, if the previous role is the default-role, default-role filters are applied to this station.
The show named-role command, within the role context, and the show command, within a role:<named-role> context, specify the current role-status command setting with the line “Do not change role settings when this Role is applied:”.
The following example enables access to AC and AP filter configuration within the p1 <named-role> context:
EWC.extremenetworks.com:role:p1# access-control no-change EWC.extremenetworks.com:role:p1# apply EWC.extremenetworks.com:role:p1# show Assigned topology: Seg1_Routed Ingress rate profile: no change Egress rate profile: no change Do not change role settings when this Role is applied: enable Name: Auth Synchronize: disable