ArubaOS and Controllers

Reply
Occasional Contributor II
Posts: 28
Registered: ‎07-29-2009

Blacklist user

Hi,

We have some troubles with blacklisted users. I configured firewall options as follows :
Monitors ip session attack : 128/sec
Monitor syn attack : 96/sec

These values are much higher than recommended (32 by default) but we have always many blacklisted users.

Did you enable these options? Or did you limit the number of session in role definition? If yes, what values did you use, and have you the same problems?

Tanks in advance.
Occasional Contributor II
Posts: 28
Registered: ‎07-29-2009

Re: Blacklist user

No idea :(?

Please someone can help me ?
Guru Elite
Posts: 20,578
Registered: ‎03-29-2007

Monitor IP Session Attack and Monitor TCP Session Attack

Abrissonnet,

What version of code is this? In addition, when your users are blacklisted it normally says a reason. What is the reason?

Those values are normally not changed from the defaults.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 28
Registered: ‎07-29-2009

Re: Blacklist user

Our version is 3.4.2.2 with a 5000 and SC1 supervisor card.

In general the reason for the blacklist is "syn-flood" or "session-flood".

By default these options are disable. So if I keep them by default, and if I don't change the number of sessions by users, what's about the security advisory avaible at this address: http://airheads.arubanetworks.com/article/arubaos-exposure-cert-fi-advisory-outpost24-tcp-issues

Thanks in advance.
Search Airheads
Showing results for 
Search instead for 
Did you mean: