Uplink ACL Rules

WAN Uplink ACL Rules

1. Log in to cloud.prontonetworks.com

2. From the left hand menu, select Organisation to expand its drop down menu, and select ACL Groups.

3. From the top right of the page,select the blue button, +Create New ACL.

4. Name your ACL policy under Group Name.

5. Select the devices, tags, or network policies you wish to apply the ACL rules to, under AP / AP Tags / Network.

Configure your ACL rules with the following in mind:

  • Src = Source

  • Dst = Destination

  • Traffic is matched by the ACLrules top to bottom.

  • There is no implicit ‘Deny All’at the end of the rules. So any packet not matching any rules would be allowed to pass through.

  • You may use domains (websites)instead of IP addresses for the fields  Src IP/Domain/ DstIP/Domain. If the domain is added, (ex. Yahoo.com), then the corresponding sub domains are also matched(ex, mail.yahoo.com,news.yahoo.com etc)

  • For the fields Src UplinkType/Dst Uplink Type, the option ALL includes the LAN andWifi. 

  • ACL rules primarily apply for routed traffic.

  • Under Configurtion,Network, for the SSID/VLAN sections, IP Configuration, DNS Mode, choose ‘Use ISP(Default)’if adding ACL rules  based on domain names

  • The Ports can be configured as a single port number(ex. 80) or a range of ports.(ex. 5001:6000).

6. Once you’ve finished creating your rules, select the green button Create ACL Group.