Controller Based WLANs

 View Only
last person joined: one year ago 

APs, Controllers, VIA
Back to Library

Why do few wireless clients experience problem in connecting to an SSID, where other clients have no issue? 

Jun 26, 2014 08:12 PM

Environment : This article applies to Aruba Mobility Domain with ArubaOS.

 

Surprisingly, some clients experience problem in connecting to an SSID and as a WLAN administrator one would not have a clue. The first place where an administrator should look into,  is the output of following CLI command to see if the MAC address of the client is listed here:

"Show ap blacklist-clients"

 

 

rtaImage.jpg

 

There are several reasons why a client gets blacklisted. For example, when you enable different Aruba intrusion detection system (IDS) features that detect suspicious activities, such as MAC address spoofing or DoS attacks.

Below shown are the various reasons for a client getting blacklisted:

 

 

user-defined: User was blacklisted due to blacklist criteria were defined by the network administrator
mitm-attack: Blacklisted for a man in the middle (MITM) attack; impersonating a valid enterprise AP.
ping-flood: Blacklisted for a ping flood attack.
session-flood: Blacklisted for a session flood attack.
syn-flood: Blacklisted for a syn flood attack
session-blacklist: User session was blacklisted
IP spoofing: Blacklisted for sending messages using the IP address of a trusted client.
ESI-blacklist: An external virus detection or intrusion detection application or appliance blacklisted the client.
CP-flood: Blacklisting for flooding with fake AP beacons.
UNKNOWN: Blacklist reason unknown.

 

  • You can configure the duration that clients are blacklisted on a per-SSID basis via the virtual AP profile. There are two different blacklist duration settings:

    • For clients that are blacklisted due to authentication failure. By default, this is set to 0 (the client is blacklisted indefinitely)

     

    • For clients that are blacklisted due to other reasons, including manual blacklisting. By default, this is set to 3600 seconds (one hour). You can set this to 0 to blacklist clients indefinitely.

#3600

Statistics
0 Favorited
14 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.