I tested both dot11 assoc list and L2 filter in a lab. Had a wired client behind the bridge.
root to nonroot bridge carry 2 vlans. The native and a client vlan behind bridge. I tested with accociation list (that is global) and it seems not to block the wired clients. I could fully communicate with clients behind the bridge from switch behind the root bridge. My denies got a lot of hits but still it was working. However if I changed this to L2 filter. set in and out filters on my native subinterface (with L2 bridge-group acl command on the radio) Everything else was blocked. regards. Kristjan _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
