12-14-2021 05:35 PM
Hello,
New to vSZ, but I have a question pertaining to controlling what IP's can/can't access our admin portal. Would I need to create an ACL profile, prior to doing an L3 policy ?
I have my vSZ NAT'd on WAN, but I know I can accomplish such tasks through that firewall - but for simpler terms - this is possible through ACL's on vSZ?
I just want to limit certain IP's on WAN to access this url.
Solved! Go to Solution.
12-15-2021 03:06 AM
Hi Kristphr,
If you want to restrict access to the SmartZone's administrator interface from your LAN/WAN, this can be facilitated by implementing a 'Management Interface Access Control Rule' https://docs.commscope.com/bundle/sz-520-adminguide-sz100vsz/page/GUID-4B6B1916-74E2-45E7-9197-9B650...
Additionally you can implement rules on your own firewall and/or infrastructure the SmartZone connects to. Please find a link to a guide of ports the SZ uses for connectivity: https://support.ruckuswireless.com/documents/1335-smartzone-firewall-ports-configuration-guide
It is also possible to create L2 and L3 firewall policies for wireless clients: https://docs.commscope.com/bundle/sz-520-adminguide-sz100vsz/page/GUID-B9CA3669-FC8E-4135-88CC-4235D...
I hope that helps,
Darrel.
12-15-2021 03:06 AM
Hi Kristphr,
If you want to restrict access to the SmartZone's administrator interface from your LAN/WAN, this can be facilitated by implementing a 'Management Interface Access Control Rule' https://docs.commscope.com/bundle/sz-520-adminguide-sz100vsz/page/GUID-4B6B1916-74E2-45E7-9197-9B650...
Additionally you can implement rules on your own firewall and/or infrastructure the SmartZone connects to. Please find a link to a guide of ports the SZ uses for connectivity: https://support.ruckuswireless.com/documents/1335-smartzone-firewall-ports-configuration-guide
It is also possible to create L2 and L3 firewall policies for wireless clients: https://docs.commscope.com/bundle/sz-520-adminguide-sz100vsz/page/GUID-B9CA3669-FC8E-4135-88CC-4235D...
I hope that helps,
Darrel.
12-15-2021 04:13 PM
@darrel_rhodes thank you for this, Darrel. Literally what I was looking for - but couldn't figure out where to start.