Log in to cloud.prontonetworks.com
From the left hand menu, select Organisation to expand its dropdown menu, and select ACL Groups.
From the top right of the page, select the blue button, +Create New ACL.
Name your ACL policy under Group Name.
Select the devices, tags, or network policies you wish to apply the ACL rules to, under AP / AP Tags / Network.
Configure your ACL rules with the following in mind:
Src = Source
Dst = Destination
Traffic is matched by the ACL rules top to bottom.
There is no implicit ‘Deny All’ at the end of the rules. So any packet not matching any rules would be allowed to pass through.
You may use domains (websites) instead of IP addresses for the fields Src IP/Domain/ Dst IP/Domain. If the domain is added, (ex. Yahoo.com), then the corresponding subdomains are also matched(ex, mail.yahoo.com, news.yahoo.com etc)
For the fields Src Uplink Type/Dst Uplink Type, the option ALL includes the LAN and Wifi.
ACL rules primarily apply for routed traffic.
Under Configuration, Network, for the SSID/VLAN sections, IP Configuration, DNS Mode, choose ‘Use ISP(Default)’ if adding ACL rules based on domain names
The Ports can be configured as a single port number(ex. 80) or a range of ports.(ex. 5001:6000).
Once you’ve finished creating your rules, select the green button Create ACL Group.