User's Guide
Table Of Contents
- Table of Contents
- Preface
- Welcome to Extreme Campus Controller
- Dashboard
- Monitor
- Sites List
- Device List
- Access Points List
- Smart RF Widgets
- Switches List
- Networks List
- Clients
- Policy
- Configure
- Network Configuration Steps
- Sites
- Add a Site
- Modifying Site Configuration
- Site Location
- Adding Device Groups to a Site
- Add or Edit a Configuration Profile
- Associated Profiles
- Associated Networks
- Mesh Point Profile Configuration
- Configure Client Bridge
- Understand Radio Mode
- Radio as a Sensor
- Advanced AP Radio Settings
- VLAN Profile Settings
- AirDefense Profile Settings
- ExtremeLocation Profile Settings
- IoT Profile Settings
- Positioning Profile Settings
- Analytics Profile Settings
- RTLS Settings
- Advanced Configuration Profile Settings
- Configuring RF Management
- Configuring a Floor Plan
- Advanced Tab
- Devices
- Networks
- Policy
- Automatic Adoption
- ExtremeGuest Integration
- AAA RADIUS Authentication
- Onboard
- Onboard AAA Authentication
- Manage Captive Portal
- Manage Access Control Groups
- Access Control Rules
- Tools
- Administration
- System Configuration
- Manage Administrator Accounts
- Extreme Campus Controller Applications
- Product License
- Glossary
- Index
packets have already passed through the system. For typical web trac, the leak is minimal for a long
duration flow. However, for short duration flows, the Deny filter may not be eective.
Any flows that are not matched through classification are handled by the Default Action.
The Redirect action is only available for IPv4 trac, not IPv6. The Allow, Deny, and Contain actions are
available for IPv6.
Related Topics
Adding Custom Apps to the Application List on page 266
Configuring L7 Application Rules
Create application rules when you need application-level (Layer 7) enforcement, for example, to limit or
block access to non-business related trac.
You can create a new application rule anywhere in the list of policy rules and create any number of
application rules in one role.
To configure application rules:
1. Go to Policy > Roles > Add.
2. For application policy rules, select the L7 Application Rules drop-down.
3. Select in that row.
The Rules dialog displays.
From User
A packet header includes both a destination IPv4 address and a source IPv4 address. Determine
how to filter trac that flows from the station to the network by defining the destination or the
source address as the filter. Options include: Destination (dest), Source (src), and None.
To User
A packet header includes both a destination IPv4 address and a source IPv4 address. Determine
how to filter trac that flows from the network to the station by defining the destination or the
source address as the filter. Options include: Destination (dest), Source (src), and None.
Search
Type the application to search for. The Group and Application Name fields are automatically
populated when you select an application from the Search field.
Group
Internet applications are organized in groups based on the type or purpose of the application.
After you select an Application Group, the Application Name drop-down is populated with
application names that are part of the specified group.
Application Name
Names of applications that are a member of the specified group.
Access Control
Determines access control action for the rule. Valid values are:
• None - No role defined
• Allow - Packets contained to role's default action's VLAN/topology
Configure
Configuring Roles
Extreme Campus Controller User Guide for version 5.46.03 265