wlan walled-garden
white-list <domain>
black-list <domain>
no…
This command configures a walled garden to control user access to the Web content and services. The walled garden access is required when an external captive portal is used.
Command/Parameter |
Description |
Range |
Default |
wlan walled-garden | Creates a Walled Garden profile for the IAP. | — | — |
white-list <domain> |
Configures a whitelist of URLs to allow the authenticated users to access to a specific domain. You can specify the URLs which the users can access. To allow access to various sites in the same domain, you can specify a POSIX regular expression (regex(7)). For example, yahoo.com/* to provide access to various domains such as news.yahoo.com, travel.yahoo.com and finance.yahoo.com. Similarly, the www.apple.com/library/test is only allow a subset of www.apple.com site corresponding to path /library/test/*. |
URLs, URLs with POSIX regular expression (regex(7)) |
— |
black-list <domain> |
Configures a blacklist to prevent the users from accessing the websites in a specific domain. You can specify the URLs for which the user access is denied. When a URL specified in blacklist is accessed by an unauthenticated user, IAP sends an HTTP 403 response to the client with a simple error message. |
URLs |
— |
no… | Removes the configuration. | — | — |
Use this command to configure a walled garden profile. A walled garden access is required when an external captive portal is used. For example, a hotel environment where the unauthenticated users are allowed to navigate to a designated login page (for example, a hotel website) and all its contents.
The users who do not sign up for the Internet service can view the “allowed” websites (typically hotel property websites). The website names must be DNS-based and support the option to define wildcards. This works for client devices with or without HTTP proxy settings.
When a user attempts to navigate to other websites not in the whitelist of the walled garden profile, the user is redirected to the login page. Similarly, a blacklisted walled garden profile blocks the users from accessing some websites.
The following example configures a walled garden profile:
(Instant AP)(config)# wlan walled-garden
(Instant AP)(Walled Garden)# white-list <domain>
(Instant AP)(Walled Garden)# black-list <domain>
(Instant AP)(Walled Garden)# end
(Instant AP)# commit apply
Version |
Description |
Aruba Instant 6.2.1.0-3.3 |
This command is introduced. |
IAP Platform |
Command Mode |
All platforms |
Configuration mode |