+ Post New Thread
Results 1 to 4 of 4
Wireless Networks Thread, Ruckus l3\ip access list for guest users in Technical; Hello Running ruckus zd, build 9.2.0.0 build 138, all aspects working fine for domain based devices - authentication and access ...
  1. #1

    Join Date
    Oct 2007
    Location
    scotland
    Posts
    45
    Thank Post
    15
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Ruckus l3\4\ip access list for guest users

    Hello

    Running ruckus zd, build 9.2.0.0 build 138, all aspects working fine for domain based devices - authentication and access to internet via proxy.

    But for guest devices i cannot browse the internet and i think i have narrowed the problem down to my L3\4\Ip address access list.

    Can anyone tell me what allow rules they have created to allow guest devices to get internet access.

    I have the dns and dhcp rules that were there by default and i have also added rules to the gateway and proxy server but i cannot access internet. Maybe its a protocol i need to allow access to?

    If i change the default rule from deny to allow, all guest users can get internet access via the transparent proxy, so i must be missing an allow rule but i cannot think what. As soon as i change back to deny access drops.

    Network is vlanned and the guest users are getting the correct ip address range and correct gateway. The vlans do not have any access lists on them just for grouping devices.

    Thanks
    Miller

  2. #2
    White_Fi's Avatar
    Join Date
    Sep 2008
    Location
    Ipswich
    Posts
    184
    Thank Post
    7
    Thanked 34 Times in 32 Posts
    Rep Power
    32
    Can SShot your ACL over please. Along with the WLAN settings please.

    9.2 is a beta code and should not be on a production ZD. May i ask where you got that FW from?

  3. #3

    Join Date
    Oct 2007
    Location
    scotland
    Posts
    45
    Thank Post
    15
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Hi Stuart,

    Here are the 2 screen shots. wlan and acl.

    I got the 9.2 from my account manager who has now contacted me to tell me to rollback as its not for public consumption.

    Hope you can point me in the right direction as to what is stopping me getting guests to access web.

    Cheers
    Miller

    acl list.JPGwlan.JPG

  4. #4
    White_Fi's Avatar
    Join Date
    Sep 2008
    Location
    Ipswich
    Posts
    184
    Thank Post
    7
    Thanked 34 Times in 32 Posts
    Rep Power
    32
    Hi Miller,

    9.3 is out now, i suggest you do NOT upgrade to 9.3 from your current build. I have tested it in a lab and am seeing failed upgrades left fright and centre. Factory resets are needed to restore.

    As for your guest network you do not need to create a L3/4 ACL.
    There is a separate L3/4 ACL under guest access settings that are applied to the client(when the WLAN usage type is guest access or the isolation is set to full)

    You also do not want local isolation but full isolation(any WLAN that has full isolation enabled has the L3/4 ACL from guest access settings applied to it)

    10.0.0.152/22 applies to the entire subnet which i presume you do not want for guest clients. You need a /32 (single address range).
    Is there a proxy address that need to be added as well or are the clients thrown directly out of the FW?

    If you are locking it down to HTTP and HTTPS only i would use the application as any/ source as any and just add the destination as ports 80 and 443

SHARE:
+ Post New Thread

Similar Threads

  1. [Ubuntu] Samba Shares - Read/Write but no Delete for Guest users
    By soveryapt in forum *nix
    Replies: 2
    Last Post: 16th November 2011, 12:12 PM
  2. Access to Global Address List for Students
    By LeonieCol in forum Network and Classroom Management
    Replies: 2
    Last Post: 27th October 2008, 03:40 AM
  3. VLAN for guest internet access
    By plexer in forum How do you do....it?
    Replies: 3
    Last Post: 17th December 2007, 12:50 PM
  4. ms access request for help
    By rama1712 in forum Windows
    Replies: 1
    Last Post: 6th October 2006, 01:01 PM
  5. GPMC "Access Denied" for Administrator
    By Gatt in forum Windows
    Replies: 9
    Last Post: 8th February 2006, 06:25 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •