cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1492
Views
0
Helpful
1
Replies

Wap121 SSID for DHCP & Web only

guy.monet
Level 1
Level 1

Hi, I want to know how to configure ACL to have access to dhcp and web only.

My router does not support tag vlan.

Any suggestion ??

Guy

1 Accepted Solution

Accepted Solutions

Bilal Nawaz
VIP Alumni
VIP Alumni

You need an extended ACL as below:

AP#ip access-list extended Allow_DHCP_WEB
AP#permit tcp any any eq www
AP#permit tcp any any eq 443
AP#permit udp any any eq bootpc
AP#permit udp any any eq bootps
AP#deny ip any any
AP#exit

(Assuming you want to enable this on the WAP inbound to filter for client laptops?)

AP#interface Dot11Radio 0
AP#ip access-group Allow_DHCP_WEB in

If you want to block outbound traffic use the bootpc and bootps ones along with

Permit tcp any any established

If not, just apply to the correct interface.

Hope this helps

Sent from Cisco Technical Support iPhone App

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

View solution in original post

1 Reply 1

Bilal Nawaz
VIP Alumni
VIP Alumni

You need an extended ACL as below:

AP#ip access-list extended Allow_DHCP_WEB
AP#permit tcp any any eq www
AP#permit tcp any any eq 443
AP#permit udp any any eq bootpc
AP#permit udp any any eq bootps
AP#deny ip any any
AP#exit

(Assuming you want to enable this on the WAP inbound to filter for client laptops?)

AP#interface Dot11Radio 0
AP#ip access-group Allow_DHCP_WEB in

If you want to block outbound traffic use the bootpc and bootps ones along with

Permit tcp any any established

If not, just apply to the correct interface.

Hope this helps

Sent from Cisco Technical Support iPhone App

Please rate useful posts & remember to mark any solved questions as answered. Thank you.