ExtremeControl Access Control Group Editor
This panel lists the various rule groups used to define the criteria for the rules used in your ExtremeControl configuration. You can use this window to view and edit the defined rule groups and also to add new rule groups for use in your ExtremeControl configuration. Any changes made in this window are written immediately to the ExtremeCloud IQ Site Engine database.
ExtremeCloud IQ Site Engine comes with system-defined rule groups. ExtremeCloud IQ Site Engine also contains system-defined end-system groups that automatically populate. The Assessment Warning end-system group includes end-systems that have assessment warnings and must acknowledge them before being granted access to the network. The blocked list end-system group includes end-systems denied access to the network. The other system-defined groups are populated as the end-systems register through the Registration portal.
Select from the following rule group categories when you create a new rule group:
Category | Group Types | Value Types |
---|---|---|
All Groups | All Types | A list of all group types. |
Device Type Groups | Device Type | A list of device types. |
End-System Groups | Hostname | A list of hostnames, which can be an exact match or wild card (for example, *.extremenetworks.com). |
IP | A list of IP addresses or subnets. | |
LDAP Host Group | A way to group hosts by doing an LDAP lookup on the resolved hostname of the end-system detected on the network, which can be an exact match or wild card. | |
MAC | A list of MAC addresses, MAC OUI, or MAC masks. | |
Location Groups | Location | A list of switches, switches and ports, or switches and SSIDs. |
Time Groups | Time of Week | A list of the times of the week when the end user is accessing the
network. |
User Groups | LDAP User Group | A list imported from an LDAP Server, organized by Organization Unit (OU), which can be an exact match or wild card. |
RADIUS User Group | A list of attributes returned by the RADIUS server, which can be an exact match or wild card. | |
Username | A list of usernames, which can be based on an exact match or a wild card. | |
OpenID User Group | A list imported from an OpenID Server, which can be an exact match or a wild card. |
To access this window:
- Access the ExtremeCloud IQ Site Engine > ExtremeControl tab.
- Select the Access Control tab.
- Expand the Group Editor tab in the left-panel.
The right-panel rule group detail table opens.
The following buttons are included in the rule group detail table:
- Add
- Use this button to add rule groups or to import MAC entries from a file for viewing and assigning to various end-system groups.
- Reset
- Use this button to clear the search field and any filters, and to update the data in the table.
The following columns display in the rule group detail table:
- Type
- The type selected for the specific rule group; for example, an end-system group could have a type of MAC.
For information on related help topics: