Product and Software: This article applies to all Aruba controllers and ArubaOS versions that have IDS enabled.
A sniffer trace of the session shows that the client is trying aggressively to stay connected to the new SSID. This action is due to an IDS policy that has been set up in one of the IDS signatures. The system is disconnecting the session.
Verify that the system is protecting valid clients against a valid SSID list. The two ways to resolve the issue are:
1) Disable "Protect SSID" in the IDS profile.
2) We can also add the new SSID to the "Valid and Protected SSIDs" list.
When the "Protect SSID" option is selected, the only valid SSIDs will be "guest," "employee," and "phones." If new SSIDs are needed, they must also be added to the "Valid and Protected SSIDs" list.