199
| Roles and Policies
Aruba Instant 6.5.0.0-4.3.0.0 | User Guide
3. In the
New Rule
window, select the rule type as
Redirect Blocked HTTPS
.
4. Click
OK
.
5. Click
OK
in the
Roles
tab to save the changes.
In the CLI
To configure an ACL rule to redirect blocked HTTPS to a custom error page URL:
(Instant AP)(config)# wlan access-rule <access_rule_name>
(Instant AP) (Access Rule "<access_rule_name>")# dpi-error-page-url <idx>
(Instant AP) (Access Rule "<access_rule_name>")# redirect-blocked-https-traffic
Instant AP) (Access Rule "<access_rule_name>")# end
(Instant AP)# commit apply
Configuring User Roles
Every client in the Instant network is associated with a user role that determines the network privileges for a
client, the frequency of reauthentication, and the applicable bandwidth contracts.
Instant allows you to configure up to 32 user roles. If the number of roles exceed 32, an error message is
displayed.
The user role configuration on an IAP involves the following procedures:
l
Creating a User Role on page 199
l
Assigning Bandwidth Contracts to User Roles on page 200
l
Configuring Machine and User Authentication Roles on page 201
Creating a User Role
You can create a user role by using the Instant UI or the CLI.
In the Instant UI
To create a user role:
1. Click the
Security
link located directly above the Search bar in the Instant main window. The
Security
window is displayed.
2. Click the
Roles
tab. The Roles tab contents are displayed.
3. Under Roles, click
New
.
4. Enter a name for the new role and click
OK
.
You can also create a user role when configuring wireless or wired network profiles. For more information, see
Configuring Access Rules for a WLAN SSID Profile on page 98
and
Configuring Access Rules for a Wired Profile
In the CLI
To configure user roles and access rules:
(Instant AP)(config)# wlan access-rule <access-rule-name>
(Instant AP)(Access Rule <Name>)# rule <dest> <mask> <match> <protocol> <start-port> <end-
port> {permit|deny|src-nat [vlan <vlan_id>|tunnel]|dst-nat {<IP-address> <port>|<port>}}
[<option1…option9>]