We are having ARUBA IAP 205 (30Nos) and internal DHCP is enabled to assign IP to all the clients. if one of the wireless client sends a malware to the network, the virtual controller ip is getting blocked by the firewall as the virtual controller ip is natted with the client ip. we want to block that particular client who sends the malware. how can we do this other than having a external DHCP ?
Like joseph explained the firewall only sees the virtual controller and not the machines behind the NAT. So one other option would be to assign IP's from the firewall itself so that the firewall can locate the right machine and get the machine blacklisted. Otherwise like how joseph said create a diffrent VLAN for the machines from the ap and then seperate them and see where the problem lies.
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.