
Push single via Airwave

I want to enable blacklisting with failed auths on about 20 Aruba controllers. Can I apply a single command via Airwave? We currently don't provision APs or apply configurations via Airwave now. Running latest code on everything.

Re: Push single via Airwave

You *can* do this with Airwave but you have to make sure that all controllers in the Group share a similar config because once you move to manage mode in the Group, it will use one of the controller's configs as a config template to then sync to all other controllers in the same group.  You can use overrides for the 20 controllers you wish to add the blacklist to.

 

Another thought... do you have Clearpass? If not, you really should consider it :-). In there, we can write both the blacklisted clients and a policy to say if an auth comes in from X device group (20 controllers) AND the client MAC/user ID/device is part of the blacklist, then deny access or even redirect to a captive portal explaining what happened. See below example. We can write this blacklist based on a simple list or using more flexible regular expressions. We can also write the blacklist on other context variables like device types and usernames/AD groups.

 

Hope this helps!

 

[Image: guest-unauthorized-access.jpg]

Seth R. Fiermonti
Consulting Systems Engineer - ACCX, ACDX, ACMX
Email: seth@hpe.com
-----
If you found my post helpful, please give kudos

Re: Push single via Airwave

Yes, I have "accidentally" pushed a config to another controller and they were not exact. So I am scared to change to modify mode via Airwave.

 

We do have and use Clearpass. I have the blacklisting enabled and working on 1 of our controllers, just want to enable the exact thing on all our remote controllers.

Re: Push single via Airwave

Well...if you have Clearpass, then have that solution do the blacklisting and don't worry about the controller config blacklisting devices.


Re: Push single via Airwave

Is there any documentation on creating a blacklist policy via Clearpass? Basically, this is how we have it set up now: a wireless client connecting to our employee SSID has 4 attempts to connect to the network. With 4 failed attempts, the client will be blacklisted for 60 mins and then try again. We do this to avoid clients being locked out (via AD): 5 failed password attempts will lock the client out, and it can only be unlocked by the helpdesk. To elevate calls, the account will never be locked via the wireless.
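An added example, not part of the original post and not Aruba or ClearPass code: a simplified Python model of the thresholds described above (4 failures, 60-minute blacklist, AD lockout at 5) that checks whether the AD account can still lock. The `simulate` function, the sample client, and the AD "Reset account lockout counter after" values (30 and 120 minutes) are assumptions for illustration.

```python
from datetime import datetime, timedelta

MAX_FAILS = 4                      # controller blacklist threshold (from the thread)
BLACKLIST = timedelta(minutes=60)  # blacklist duration (from the thread)
AD_LOCKOUT = 5                     # AD lockout threshold (from the thread)

def simulate(attempts, ad_reset_window):
    """Replay bad-password attempts [(time, mac, user), ...] in time order.

    ad_reset_window models AD's "Reset account lockout counter after" value
    (an assumption; the thread does not state it).
    Returns (blacklist_events, locked_users).
    """
    wlan_fails = {}     # mac -> failures counted by the controller
    blocked_until = {}  # mac -> time the blacklist entry expires
    ad_state = {}       # user -> (bad password count, time of last bad password)
    blacklist_events, locked = [], set()
    for ts, mac, user in attempts:
        if ts < blocked_until.get(mac, datetime.min):
            continue    # dropped at the controller, never reaches RADIUS/AD
        count, last = ad_state.get(user, (0, ts))
        if ts - last > ad_reset_window:
            count = 0   # AD counter aged out since the last failure
        count += 1
        ad_state[user] = (count, ts)
        if count >= AD_LOCKOUT:
            locked.add(user)
        wlan_fails[mac] = wlan_fails.get(mac, 0) + 1
        if wlan_fails[mac] >= MAX_FAILS:
            blocked_until[mac] = ts + BLACKLIST
            blacklist_events.append((mac, ts))
            wlan_fails[mac] = 0
    return blacklist_events, locked

# Constructed sample: one client retrying a stale password every 30 s for 3 hours.
T0 = datetime(2024, 1, 1, 8, 0, 0)
SAMPLE = [(T0 + timedelta(seconds=30 * i), "aa:bb:cc:00:00:01", "jdoe")
          for i in range(360)]

if __name__ == "__main__":
    for minutes in (30, 120):
        events, locked = simulate(SAMPLE, timedelta(minutes=minutes))
        print(f"AD reset window {minutes} min: "
              f"{len(events)} blacklist events, locked={sorted(locked)}")
```

In this model the account stays unlocked when the AD counter resets within the 60-minute blacklist, and locks on the first retry after the blacklist expires when the reset window is longer than the blacklist time.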

Re: Push single via Airwave

Try this...

 

 


Re: Push single via Airwave

You can then blacklist on the controller FROM Clearpass using this logic...

 

http://community.arubanetworks.com/t5/ClearPass-Recipes/Blacklist-a-user-on-an-Aruba-Controller/ta-p/204337


Re: Push single via Airwave

Thanks. I will test that. Will I be able to see the clients who are actually being blacklisted? I am able to monitor it currently on each controller.
