R2511-HP MSR Router Series ACL and QoS Command Reference(V5)
31
Syntax
rule [ rule-id ] { deny | permit } [ ssid ssid-name ]
undo rule rule-id
Default
A WLAN ACL does not contain any rule.
Views
WLAN ACL view
Default command level
2: system level
Parameters
rule-id: Specifies a rule ID in the range of 0 to 65534. If no rule ID is provided when you create an ACL
rule, the system automatically assigns it a rule ID. This rule ID takes the nearest higher multiple of the
numbering step to the current highest rule ID, starting from 0. For example, if the rule numbering step is
5 and the current highest rule ID is 28, the rule is numbered 30.
deny: Denies matching packets.
permit: Allows matching packets to pass.
ssid ssid-name: Specifies a WLAN's SSID name, a case-sensitive string of 1 to 32 alphanumeric
characters. Spaces are allowed. If the ssid option is not specified, the rule applies to packets with any
SSID.
Usage guidelines
Within an ACL, the permit or deny statement of each rule must be unique. If the ACL rule you are creating
or editing has the same deny or permit statement as another rule in the ACL, your creation or editing
attempt fails.
To view rules in an ACL and their rule IDs, use the display acl all command.
The following matrix shows the command and hardware compatibility:
Hardware Rule (WLAN ACL view)
MSR900 Yes
MSR93X No
MSR20-1X Yes
MSR20 Yes
MSR30 Yes
MSR50 Yes (except MPU-G2)
MSR1000 Yes
Examples
# Create a rule for WLAN ACL 100 to permit packets with the SSID name of user1 and apply this ACL
to user interface VTY 0 to restrict user access.
<Sysname> system-view
[Sysname] acl number 100
[Sysname-acl-wlan-100] rule permit ssid user1