User's Manual

Configuring the ACL White List in the CLI
Use the following CLI command to create ACL White Lists.
(host) (config-fw-cp) ipv4|ipv6 deny|permit <ip-addr> <ip-mask>|any|{host <ip-addr>} proto {<ip-protocol-number> ports <start port number> <end port number>}|ftp|http|https|icmp|snmp|ssh|telnet|tftp [bandwidth-contract <name>]
The following example creates a whitelist ACL entry that permits traffic on an IPv4 filter with the IPv4 source address 10.10.10.10 and the IPv4 source mask 2.2.2.2, where the protocol is ftp and the bandwidth contract name is mycontract:
(host) (config-fw-cp) #ipv4 permit 10.10.10.10 2.2.2.2 proto ftp bandwidth-contract name mycontract
The following example creates a whitelist ACL entry that denies traffic using protocol 2 on port 5000 from being forwarded to the controller:
(host) (config-fw-cp) deny proto 2 ports 5000 5000
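As an added example (not part of the original manual and not vendor code), the Python function below checks candidate whitelist entries against the syntax line shown above before they are entered in the CLI. It assumes masks are written in address notation, accepts both the bandwidth-contract <name> form from the syntax line and the bandwidth-contract name <name> form used in the example above, and its warning on permit-from-any entries is a review hint chosen for this example, not device behavior.

```python
import ipaddress
import re

# Named protocols from the syntax line on this page.
NAMED = {"ftp", "http", "https", "icmp", "snmp", "ssh", "telnet", "tftp"}
PROMPT = re.compile(r"^\(host\)\s*\(config-fw-cp\)\s*#?\s*")

def _is_ip(tok, family):
    try:
        return ipaddress.ip_address(tok).version == int(family[-1])
    except ValueError:
        return False

def check_entry(line):
    """Return a list of problems for one whitelist entry; [] means it matches."""
    t = PROMPT.sub("", line.strip()).split()
    if len(t) < 2 or t[0] not in ("ipv4", "ipv6") or t[1] not in ("deny", "permit"):
        return ["entry must start with ipv4|ipv6 followed by deny|permit"]
    family, action, rest, issues = t[0], t[1], t[2:], []
    # Source: any | host <ip-addr> | <ip-addr> <ip-mask>
    if rest[:1] == ["any"]:
        rest = rest[1:]
        if action == "permit":  # review hint for this example, not a device rule
            issues.append("permit from any source: confirm this scope is intended")
    elif rest[:1] == ["host"] and len(rest) > 1 and _is_ip(rest[1], family):
        rest = rest[2:]
    elif len(rest) > 1 and _is_ip(rest[0], family) and _is_ip(rest[1], family):
        rest = rest[2:]  # assumption: the mask is written in address notation
    else:
        return issues + ["source must be any, host <ip-addr>, or <ip-addr> <ip-mask>"]
    # Protocol: proto <name> | proto <ip-protocol-number> ports <start> <end>
    if rest[:1] != ["proto"] or len(rest) < 2:
        return issues + ["missing proto keyword or value"]
    if rest[1] in NAMED:
        rest = rest[2:]
    elif (len(rest) >= 5 and rest[2] == "ports"
          and all(x.isdecimal() for x in (rest[1], rest[3], rest[4]))):
        proto, lo, hi = int(rest[1]), int(rest[3]), int(rest[4])
        if proto > 255 or not lo <= hi <= 65535:
            issues.append("protocol number must be 0-255 and ports start <= end <= 65535")
        rest = rest[5:]
    else:
        return issues + ["proto must be a listed name or <number> ports <start> <end>"]
    # Optional tail: the syntax line shows "bandwidth-contract <name>"; the page's
    # example writes "bandwidth-contract name <name>". Both forms are accepted here.
    if rest and rest[:-1] not in (["bandwidth-contract"], ["bandwidth-contract", "name"]):
        issues.append("unexpected trailing tokens: " + " ".join(rest))
    return issues
```

Call check_entry() on each line of a change request; an empty list means the entry matches the syntax, and any returned string names the first thing to correct.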
User Roles
User roles comprise user role settings, firewall policies, and bandwidth contracts. This section describes how to create a new user role and associate a firewall policy with that role. When you create a user role, you must specify one or more firewall policies for the role.
In the WebUI
1. Navigate to the Configuration > Security > Access Control > User Roles page.
2. Click Add to create and configure a new user role.
3. Enter a user role name.
4. Under Firewall Policies, click Add.
5. Select one of the following three options to add a policy to the role.
   • To associate an existing policy with the user role, select Choose from Configured Policies, then select an existing policy from the drop-down list.
   • To create a new policy based upon the settings of an existing policy, select the Create New Policy from Existing Policy drop-down list, then select an existing policy from the drop-down list. The Policies page appears, allowing you to configure a new firewall policy.
   • To create and configure an entirely new policy, select Create New Policy, then click Create. The Policies page appears, allowing you to configure a new firewall policy.
6. Click Done to add the policy to the user role.
7. (Optional) If the user role contains more than one firewall policy, use the up and down arrows to assign priorities to each policy. The higher the policy on the list, the higher its priority.
8. In the Misc. Configuration section, enter configuration values as described in Table 62.
9. Click Apply.
10. Next, you must assign the user role to an AAA profile. After assigning the user role, you can use the show reference user-role <role> command to see the profiles that reference this user role. For more information, see Assigning User Roles on page 372.
Dell Networking W-Series ArubaOS 6.4.x | User Guide Roles and Policies | 370