Users Guide
341 | 802.1X Authentication Dell Networking W-Series ArubaOS 6.4.x| User Guide
c. Under Service, select service. In the Service scrolling list, select svc-telnet.
d. Under Action, select drop.
e. Click Add.
f. Repeat steps A-E to create rules for the following services: svc-ftp, svc-snmp, and svc-ssh.
5. Click Apply.
6. Select the User Roles tab. Click Add to create the faculty role.
7. For Role Name, enter faculty.
8. Under Firewall Policies, click Add. In Choose from Configured Policies, select the faculty policy you
previously created. Click Done.
In the CLI
(host)(config) #ip access-list session faculty
user alias “Internal Network” svc-telnet deny
user alias “Internal Network” svc-ftp deny
user alias “Internal Network” svc-snmp deny
user alias “Internal Network” svc-ssh deny
(host)(config) #user-role faculty
session-acl faculty
session-acl allowall
Creating the Guest Role and Policy
The guest policy permits only access to the internet (via HTTP or HTTPS) and only during daytime working
hours. The guest policy is mapped to the guest user role.
In the WebUI
1. Navigate to the Configuration > Security > Access Control > Time Ranges page to define the time
range working-hours. Click Add.
a. For Name, enter working-hours.
b. For Type, select Periodic.
c. Click Add.
d. For Start Day, click Weekday.
e. For Start Time, enter 07:30.
f. For End Time, enter 17:00.
g. Click Done.
h. Click Apply.
2. Click the Policies tab. Click Add to add the guest policy.
3. For ePolicy Name, enter guest.
4. For Policy Type, select IPv4 Session.
5. Under Rules, click Add to add rules for the policy.
To create rules to permit access to DHCP and DNS servers during working hours:
a. Under Source, select user.
b. Under Destination, select host. In Host IP, enter 10.1.1.25.
c. Under Service, select service. In the Service scrolling list, select svc-dhcp.
d. Under Action, select permit.
e. Under Time Range, select working-hours.
f. Click Add.