04-06-2017 03:29 AM
We are having ARUBA IAP 205 (30Nos) and internal DHCP is enabled to assign IP to all the clients. if one of the wireless client sends a malware to the network, the virtual controller ip is getting blocked by the firewall as the virtual controller ip is natted with the client ip. we want to block that particular client who sends the malware. how can we do this other than having a external DHCP ?
04-06-2017 03:31 AM
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
04-07-2017 12:23 AM
Like joseph explained the firewall only sees the virtual controller and not the machines behind the NAT. So one other option would be to assign IP's from the firewall itself so that the firewall can locate the right machine and get the machine blacklisted. Otherwise like how joseph said create a diffrent VLAN for the machines from the ap and then seperate them and see where the problem lies.