I have two WLANs in my zone. One for our employees and one for guests/ employee mobile devices.
We wanted to have a Guest WLAN that was isolated and we wanted mobile devices on it as well. The issue I am having is that when people are not at their desk but a different office or building, they cannot access their email (we have an on-site email server).
I have tried to do a whitelist exception but cannot because I am running DHCP/ NAT services. Is there another option? I was thinking maybe a L3 Access Control policy?
If you use the toggle button, it will change the setting between single port/IP vs range.
For example, if you Turn Off the Source IP button, it will let you define single IP address. If you turn it On, you can configure whole subnet.
If you don't want to define any ports, you can leave it, because it is not a mandatory field.
If you use the combination, then access rule will be more specific.
For example, if you use source and destination both addresses, then system will allow/deny the traffic based on source and destination IP.
If you just use source or destination IP, then rule will be applicable accordingly.