User's Manual
77JadeOSUserManual
white-list based on MAC address.
For example:
Add mac 11:22:33:44:55:6 into black-list:
(JadeOS) (AP MAC ACL Profile “mac-acl-prof-1”)#list-type deny
(JadeOS) (AP MAC ACL Profile “mac-acl-prof-1”)#mac 11:22:33:44:55:66
Add mac 11:22:33:44:55:6 into white-list:
(JadeOS) (AP MAC ACL Profile “mac-acl-prof-1”)#list-type accept
(JadeOS) (AP MAC ACL Profile “mac-acl-prof-1”)#mac 11:22:33:44:55:66
¾ Support to disconnect network automatically based on idle traffic monitor; you
can configure time and the default value is 300s. the configuring command is as
follows:
idle-timeout <300-15300>
¾ Support ACL based on traffic threshold and the default value is 1KB:
idle-threshold <0-1048576>
Configuring ACL
Configuring ACL based on IP address in AC achieves user access control. Configur-
ing different ACls in AC can control different user access, for example: you can make
user in the specified IP segment access the specified network segment. For ACL based
on IP address is according to SSID, you can configure different ACLs in different
SSID.
Functions supported by ACL:
¾ Match source IP address and network segment
¾ Match destination IP address and network segment
¾ Match specified IP protocol and range
¾ Match source port and destination port of UDP/TCP protocol
¾ Support the operation of ‘permit’ and ‘deny’ according to the above rules
Configuration command:
any any any deny/permit
For example:
(JadeOS) (config)#ip access-list session acl1
(JadeOS) (config-sess-acl1)#host 1.1.1.1 any tcp 1 100 deny
(JadeOS) (config-sess-acl1)#exit
(JadeOS) (config)#user-role role1
(JadeOS) (config-role)#access-list session acl1
(JadeOS) (config-role)#exit