Creating an L2 Access Control Service

Another method to control access to the network is by defining Layer 2/MAC address access control lists (ACLs), which can then be applied to one or more WLANs or WLAN groups. L2 ACLs are either allow-only or deny-only; that is, an ACL can be set up to allow only specified clients or to deny only specified clients. MAC addresses that are in the deny list are blocked at the AP.

  1. Go to Services & Profiles > Access Control.
  2. Select the L2 Access Control tab, and then select the zone for which you want to create the access control service.
  3. Click Create.
    The Create L2 Access Control Service page appears.
    Figure 78  Creating an L2 Access Control Service


  4. Configure the following:
    1. General Options:
      • Name: Type a name for this policy.
      • Description: Type a short description for this policy.
      • Restriction: Select the default action that the controller will take if no rules are matched. Available options include: Allow only the stations listed below or Block only the stations listed below.
    2. Rules:
      • MAC Address: Type the MAC address to which this L2 access policy applies.
    3. Click OK.

You have created an L2 access policy.

NOTE
You can also edit, clone and delete a policy by selecting the options Configure, Clone and Delete respectively, from the L2 Access Control tab.
Parent topic: Configuring Access Control