AP1101 - ACL - Alcatel Unleashed

AP1101 - ACL

1 post • Page 1 of 1

artzainak: Member; Posts: 2; Joined: 30 Jun 2017 08:37

AP1101 - ACL

Quote

Post by artzainak » 30 Jun 2017 08:57

Hi AP1101 Users,

Reflection on ACLs and multi-WLANs (Employees, Guests, ...).

How to make ACLs apply only to WLAN Guest?

By default ACLs apply to all WLANs.

Can I create a wan2 zone and apply ACLs to this WLAN only?

In My Config.conf :

config interface 'wan'
option ifname 'eth0'
option type 'bridge'
option proto 'dhcp'

config zone
option name 'wan'
list network 'wan'
option conntrack '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'

config include
option path '/etc/firewall.user'

config rule
option src 'wan'
option dest '*'
option target 'ACCEPT'
option dest_ip '192.168.1.252'
option proto 'all'
option src_ip '192.168.1.160/27'

config rule
option src 'wan'
option dest '*'
option target 'ACCEPT'
option dest_ip '192.168.1.245'
option proto 'all'
option src_ip '192.168.1.160/27'

config rule
option src 'wan'
option dest '*'
option target 'ACCEPT'
option dest_ip '192.168.1.8'
option dest_port '21'
option proto 'udp'
option src_ip '192.168.1.160/27'

config rule
option src 'wan'
option dest '*'
option proto 'all'
option dest_ip '192.168.0.0/16'
option target 'REJECT'
option src_ip '192.168.1.160/27'

config wifi-iface '414c434154454c5f49414b_5G_wifi1'
option ssid 'EMPLOYE'
option device 'wifi1'
option mode 'ap'
option network_type 'employee'
option network 'wan'

config wifi-iface '414c434154454c5f49414b_5G_wifi1'
option ssid 'GUEST'
option device 'wifi1'
option mode 'ap'
option network_type 'employee'
option network 'wan'

Post Reply

1 post • Page 1 of 1

Return to “OmniAccess Wireless Access Points”