Controllerless Networks

last person joined: yesterday 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

225 with 50 clients before I even gave out the password?

This thread has been viewed 0 times

  • 1.  225 with 50 clients before I even gave out the password?

    Posted Feb 25, 2015 03:55 PM

    Hi, I'm new here and I have a strange situation that I bet can be answered quickly.

    I installed (5) Aruba 225 access points last years. I set them up in instant mode. I've been having a network issue for the last week with wireless IP phones. To track down that problem, I changed the password to wifi access. We have two VLANs and I changed the password for both. After that, I told the access points to reboot. I'm seeing 50 clients connected with addresses of 0.0.0.0. How can there be any clients? I haven't given the new passwords to anyone yet. I'm baffled. Maybe I have something misconfigured? It seems so odd. Can anyone shed any light on this? I'm on software version 6.3.1.8-4.0.0.9_47220. I checked and that seems to be the latest.

    Thanks


    #AP225


  • 2.  RE: 225 with 50 clients before I even gave out the password?

    EMPLOYEE
    Posted Feb 25, 2015 04:04 PM
    Is there an open SSID configured?


  • 3.  RE: 225 with 50 clients before I even gave out the password?

    Posted Feb 25, 2015 04:07 PM

    Nope. Just the two. An employee and a guest SSID, each on a different subnet.



  • 4.  RE: 225 with 50 clients before I even gave out the password?

    EMPLOYEE
    Posted Feb 25, 2015 04:13 PM

    IP address of 0.0.0.0 sounds like they are pre-auth.  I wouldn't be surprised if these are just client devices that are randomly trying to connect to any visible SSID.  Is the guest SSID publicly visible or hidden?



  • 5.  RE: 225 with 50 clients before I even gave out the password?

    Posted Feb 25, 2015 04:39 PM

    Both SSIDs are visible. The DHCP servers that run our network obviously didn't give them an address. I don't see how I could have any clients showing. It baffles me. No one knows what the security passords are to try and connect via WiFi.

    Does Aruba Instant setup any connections like that between each access point? Could that be the source of any connections? If not, then I'm back to scratching my head on this one.



  • 6.  RE: 225 with 50 clients before I even gave out the password?

    EMPLOYEE
    Posted Feb 25, 2015 04:45 PM

    Is there a captive portal page / role setup that puts clients into a pre-auth role?



  • 7.  RE: 225 with 50 clients before I even gave out the password?

    Posted Feb 25, 2015 04:51 PM

    Nope. The guest is setup the same as the employee. They are both setup as

    Primary usage: Employee

    Client IP assignment: Network assigned

    VLAN is static; guest=2 employee=1

    security WPA-2 &WPA passphrase 8-63 chars

    Access is unrestricted

     

    Thank you for the help. I really appreciate it.



  • 8.  RE: 225 with 50 clients before I even gave out the password?

    EMPLOYEE
    Posted Feb 25, 2015 04:55 PM

    I've forwarded the issue to see if some of our QA can replicate in house.  In the meantime, please open a TAC case.



  • 9.  RE: 225 with 50 clients before I even gave out the password?

    Posted Feb 25, 2015 05:49 PM

    Interestingly, I set the passwords back to their old psswords. All the clients with addresses of 0.0.0.0 went away. Strange day...



  • 10.  RE: 225 with 50 clients before I even gave out the password?
    Best Answer

    Posted Mar 03, 2015 05:13 AM

    all 0.0.0.0 clients are auth failed clients, it will not get SSID service. 

    once client connect AP with wrong password, it will disappear as 0.0.0.0 until user input correct password.

    And IAP will keep auth failed clients for several mins and then delete it by IAP check period. 

     

    for you set SSID password back to old one, i think clients auto connect the AP with old password and got IP from APs. 

     



  • 11.  RE: 225 with 50 clients before I even gave out the password?

    Posted Mar 03, 2015 05:55 PM

    Thanks so much for the answer. That would definately explain the behavior I saw. I feel a bit safer going back and changing the passwords again.

    @wdeng wrote:

    all 0.0.0.0 clients are auth failed clients, it will not get SSID service. 

    once client connect AP with wrong password, it will disappear as 0.0.0.0 until user input correct password.

    And IAP will keep auth failed clients for several mins and then delete it by IAP check period. 

     

    for you set SSID password back to old one, i think clients auto connect the AP with old password and got IP from APs.