Reset Search
 

 

Article

How to configure intra-SSID traffic blocking on a per ssid basis

« Go Back

Information

 
TitleHow to configure intra-SSID traffic blocking on a per ssid basis
Objective
AOS 8.5 introduced a new feature that allows network administrators to configure the network to block wireless to wireless traffic on a per ssid basis.  While there has long been an ap-wide capability to do this, it was not previously available on a per-ssid basis.  This KB explains how to configure intra-ssid blocking on a per-SSID basis in AOS 8.5.1.

At the present time, it is not possible to make the configuration via WOS, except as a configuration template.
Environment
  • WLAN 9100
  • AOS 8.5.1 or later
Procedure
The configuration requires configuring a packet filter for the given SSID.  The filter should then be applied to the SSID.  In the cli, the filter will look as below:

add "FILTER_NAME" deny log layer 2 prot any port any src ssid "SSID_NAME" dst ssid "SSID_NAME" enable
Additional notes
The larger configuration for the filtering would look as below:

filter
  reset
  stateful            enable
  disable
  !
  add-list "MuToMu"
    add "FILTER_NAME" deny log layer 2 prot any port any src ssid "SSID_NAME" dst ssid "SSID_NAME" enable
    enable
  exit
exit
!
ssid   ! (filter mappings)
  edit "SSID_NAME"         filter-list "MuToMu"
exit

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255