Concept Guide

ManualsBrandsDell ManualsAccess PlatformsW-Series 207 Access Points

191

192

193

194

195

196

197

198

199

200

195 | Roles and Policies Dell Networking W-Series Instant 6.5.1.0-4.3.1.0 | User Guide

3. In the New Rule window, select the rule type as Redirect Blocked HTTPS.

4. Click OK.

5. Click OKin the Roles tab to save the changes.

In the CLI

To configure an ACL rule to redirect blocked HTTPS to a custom error page URL:

(Instant AP)(config)# wlan access-rule <access_rule_name>

(Instant AP) (Access Rule "<access_rule_name>")# dpi-error-page-url <idx>

(Instant AP) (Access Rule "<access_rule_name>")# redirect-blocked-https-traffic

Instant AP) (Access Rule "<access_rule_name>")# end

(Instant AP)# commit apply

Configuring User Roles

Every client in the Instant network is associated with a user role that determines the network privileges for a

client, the frequency of reauthentication, and the applicable bandwidth contracts.

Instant allows you to configure up to 32 user roles. If the number of roles exceed 32, an error message is

displayed.

The user role configuration on a W-IAP involves the following procedures:

l Creating a User Role on page 195

l Assigning Bandwidth Contracts to User Roles on page 196

l Configuring Machine and User Authentication Roles on page 197

Creating a User Role

You can create a user role by using the Instant UI or the CLI.

In the Instant UI

To create a user role:

1. Click the Security link located directly above the Search bar in the Instant main window. The Security

window is displayed.

2. Click the Roles tab. The Roles tab contents are displayed.

3. Under Roles, click New.

4. Enter a name for the new role and click OK.

You can also create a user role when configuring wireless or wired network profiles. For more information, see

Configuring Access Rules for a WLAN SSID Profile on page 94 and Configuring Access Rules for a Wired Profile

on page 107.

In the CLI

To configure user roles and access rules:

(Instant AP)(config)# wlan access-rule <access-rule-name>

(Instant AP)(Access Rule <Name>)# rule <dest> <mask> <match> <protocol> <start-port> <end-

port> {permit|deny|src-nat [vlan <vlan_id>|tunnel]|dst-nat {<IP-address> <port>|<port>}}

[<option1…option9>]