This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

System L2ACL Issues - R510

Go to solution
Mouse6213
New Contributor II

‎09-23-2023 08:50 PM

Hi folks--

I'm having issues with my Unleashed R510 and L2ACL.  Up until earlier today I had an L2ACL (we'll call it Deny) assigned to a specific SSID.  At a particular point I unblocked a device that was going to be used again (that was not on the Deny L2ACL) via the Unleashed app, and then noticed every entry in the Deny L2ACL was now being blocked on each SSID.  

I then logged into the web UI to check the config, and removed the ACL within the UI, yet the devices were still being shown as blocked in the client list.  I've power-cycled the unit, upgraded and downgraded, seemingly everything but a factory reset.  

To the subject, though:  After getting a chance to log into the AP via the CLI, I've confirmed that all of the entries in the Deny L2ACL are now in the System L2ACL, and I have not been able to edit the System L2ACL via CLI or otherwise.  

Does anyone know how to edit the System L2ACL?  Or how to resolve this issue otherwise?  (I would obviously prefer not to do a factory reset.)

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
syamantakomer
Community Admin
Community Admin

‎10-04-2023 02:54 PM

Hi @Mouse6213,

If you block a client directly from the web UI under clients, it will become the part of global L2ACL block list and blocked users cannot connect to any SSID. This is as per design.

Try below online doc which has CLI command to unblock a client, see if that helps.

https://docs.commscope.com/bundle/unleashed-200.13-commandref/page/GUID-B2B99E07-ACEA-4DA2-9649-94E8... 


Syamantak Omer
Sr.Staff TSE | CWNA | CCNA | RCWA | RASZA | RICXI
RUCKUS Networks, CommScope!
Follow me on LinkedIn

View solution in original post

8 REPLIES 8

Go to solution
syamantakomer
Community Admin
Community Admin
In response to Mouse6213

‎10-09-2023 05:17 PM

Hi @Mouse6213,

Command listed in this thread should help you. If not working, please confirm what is the output of the command.


Syamantak Omer
Sr.Staff TSE | CWNA | CCNA | RCWA | RASZA | RICXI
RUCKUS Networks, CommScope!
Follow me on LinkedIn
0 Kudos

Go to solution
syamantakomer
Community Admin
Community Admin

‎10-04-2023 02:54 PM

Hi @Mouse6213,

If you block a client directly from the web UI under clients, it will become the part of global L2ACL block list and blocked users cannot connect to any SSID. This is as per design.

Try below online doc which has CLI command to unblock a client, see if that helps.

https://docs.commscope.com/bundle/unleashed-200.13-commandref/page/GUID-B2B99E07-ACEA-4DA2-9649-94E8... 


Syamantak Omer
Sr.Staff TSE | CWNA | CCNA | RCWA | RASZA | RICXI
RUCKUS Networks, CommScope!
Follow me on LinkedIn

Go to solution
Mouse6213
New Contributor II
In response to syamantakomer

‎10-09-2023 02:52 PM

@syamantakomer --

This was it, thank you so much for the assist!  

I had set these up as an L2ACL List within the Web UI (and blocked that way to a particular SSID), but not via the 'block' option of the client list.  Since I kept seeing them on the System L2ACL Deny list, I never even thought to look at Hotspot Redirect Settings in the manual.  Could this have possibly happened due to me removing a client that HAD been blocked via the Web UI, causing this list to suddenly populate the Global block list instead of the particular one I had created?

Go to solution
syamantakomer
Community Admin
Community Admin
In response to Mouse6213

‎10-09-2023 03:15 PM - edited ‎10-09-2023 03:15 PM

Glad to hear that I was able to assist.

Yes, if you block a connected client from the web UI, the client MAC will land on the global block L2ACL.


Syamantak Omer
Sr.Staff TSE | CWNA | CCNA | RCWA | RASZA | RICXI
RUCKUS Networks, CommScope!
Follow me on LinkedIn
0 Kudos
Copyright © 2024 Khoros, LLC