Hi!

You will have to apply a ACL into the SVI interface in your switch if your traffic is being routed by a Multilayer Switch so your switch will route the traffic as specified in the ACL statements, this document explains in detail how to achieve the necessary configurations:

https://danielkuchenski.wordpress.com/2012/12/04/applying-an-acl-on-a-l3-vlan-svi/

If you are routing your traffic by a router is basicaly the same concept.

Hope it helps, best regards!

JC

Hi Shah,

You'd get more answers if you'd post this in the wireless section. generally the way that I'd like to set ACLs for guest wireless vlan is through the controller itself using the option "Access control list " (Controller -> Interfaces ->ACL Name).you'd have to define the ACL first in the Security -> Access Control List  Section.If the interface is being shared for some reason you could look in to applying the ACL to WLAN in the Advanced tab(You'll find Override interface ACL option)

Out of the questions scope but you might also be interested in reading about "P2P blocking action" and "coverage hole detection" options in the advance section as well. I turn them off for guest WLANs

Cheers

Prabath