05-06-2011 03:16 PM
Against my recommendations, the customer wants to use 1-month generic logins, and I'd like to, at the very least, secure it so that if someone keeps trying to login and failing, that it would lock that account out at some point.
05-07-2011 03:53 AM
In addition, you want to turn on Station Blacklisting, in the Virtual AP profile and configure how long that device will be blacklisted (authentication failure blacklist time). Go to configuration> Wireless> AP Configuration> Edit your AP Group. Expand Wireless, Expand Virtual AP and click on the wireless network. Enable Station Blacklisting and change the authentication failure blacklist time to indicate in seconds how long the device will not be able to connect back to the network, and click on apply.
When users are blacklisted, they will appear in the monitoring tab under Controller> Blacklist Clients. Please make sure that authentication failure blacklist time is 300 seconds (5 minutes) or less and the max authentication failure parameter is 5 to ensure that you are not always busy restoring service for legitimate users.
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
05-09-2011 08:02 AM