Hi All,
I’ve got a campus network running on CAPsMAN. It works perfectly, except I have a wireless printer on the public that I need to print from the same L2/datapath/L3 network. Are there anyway to allow local forwarding to an IP or MAC address without allowing all devices to forward? Like some sort of exception?
Thanks.
I suppose what you want is two wireless clients to communicate with each other right?
Client forwarding is for that.. not local forwarding, this is something else…
Is the printer in the same subnet as your wireless clients?
Yes it is. Same /23 subnet.
You will have to enable client forwarding. Since this will affect all clients and because every device is in the same Layer2 network, you can use Bridge Firewall…
Through the Bridge firewall you can accept all forward traffic from the device you want and block all others…
I think that should work…
I was thinking some sort of VACL. I was hoping there was some CAPsMAN allow feature. Thanks for the help.