Configuration Guide How to allow guest network to access specific device on the main network by configuring EAP ACL?
This Article Applies to:
All SDN EAPs.
Application Scenario:
As shown in the above topology, guests connecting to the guest network cannot access devices on the internal network, but guests are allowed to access the printer on the main network.
Configuration Steps:
Step 1. Create Guest SSID
Log in to the Controller management page, Choose Site view, Go to Settings> Wireless Networks > WLAN, and click Create New Wireless Network to create a guest SSID for the guests, as shown below:
Step 2. Configure DHCP Reservation for the Printer
Go to Settings>services> DHCP reservation and click Create New DHCP Reservation Entry,
Or you can connect the Printer to the main network, go to the Client page, choose the printer, Config > Use Fixed IP Address, and input the IP address for the printer.
Step 3. Create an IP group for the Printer.
Go to Settings > Profiles > Groups > Create new IP group, Choose type as IP group, input the IP address for the Printer, and fill in the subnet as 32.
Step 4. Create an EAP ACL rule
Go to Settings > Network Security > ACL > EAP ACL> Create New Rule, Choose the Policy as Permit, Select the Source as the Guest SSID's Network, select the Destination as the IP Group profile of the printer, as below:
Verification:
Guest clients can't access other WLAN clients:
Guests are able to access the printer:
Feedback:
- If this was helpful, welcome to give us Kudos by clicking the upward triangle below.
- If there is anything unclear in this solution post, please feel free to comment below.
Thank you in advance for your valuable feedback!
------------------------------------------------------------------------------------------------
Have other off-topic issues to report?
Welcome to > Start a New Thread < and elaborate on the issue for assistance.