About access control rules

You can add rules to block access to the wireless network according to group membership. This is a complete block to the wireless network, not just to the Internet. You can use the Smoothwall Filter to block access to the Internet, but still allow access to the wireless network.

  • The Smoothwall must be the authentication RADIUS server for the network.
  • RADIUS authentication is via Active Directory.
  • The network access server must be able to send the users’ authentication group in the Filter-ID RADIUS attribute.

A default rule, All other groups, is provided as a "catch-all" for those cases where a user group doesn't have an associated access control rule. The default behavior is to allow access to the wireless network.

Note: The Access control rules table isn't an ordered table of rules. Block actions take precedence when rules overlap, such as when a user is a member of a two groups, where the behavior for one group is to block but the other to allow.