Controller Based WLANs

How do I configure the controller to log the deny event by creating an ACL?

Question:  How do I configure the controller to log the deny event by creating an ACL?

 

Product and Software: This article applies to all Aruba controllers and ArubaOS versions.


You might have a user that is pinging the server continuously. If you view the logs, you can see which restricted user is pinging the server and you can log the deny event.

Issue the following command to check the deny events:


# show log errorlog < no> | include deny
#show log security all
Oct 11 01:35:04 :103062: <INFO> |ike| Starting cryptoPOST
Oct 11 02:02:01 :124006: <WARN> |authmgr| {0} ICMP srcip=172.16.0.253 dstip=17
2.16.0.254, type=8, code=0, sequence=1280, id=512, action=deny, role=logon, poli
cy=logon-control
Oct 11 02:02:06 :124006: <WARN> |authmgr| {1} ICMP srcip=172.16.0.253 dstip=17
2.16.0.254, type=8, code=0, sequence=1536, id=512, action=deny, role=logon, poli
cy=logon-control
Oct 11 02:02:12 :124006: <WARN> |authmgr| {2} ICMP srcip=172.16.0.253 dstip=17
2.16.0.254, type=8, code=0, sequence=1792, id=512, action=deny, role=logon, poli
cy=logon-control
Oct 11 02:02:17 :124006: <WARN> |authmgr| {3} ICMP srcip=172.16.0.253 dstip=17
2.16.0.254, type=8, code=0, sequence=2048, id=512, action=deny, role=logon, poli
cy=logon-control

Issue the following command to configure the controller to log the deny event of svc-icmp for a particular role:


(Aruba)(config-sess-logon-control)#any any svc-icmp deny log

Version history
Revision #:
1 of 1
Last update:
‎07-07-2014 12:56 PM
 
Labels (1)
Contributors
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.