12-27-2016 10:41 AM
I would like to implement some containment regarding some rogue access points (3G and 4G devices).
It's not very clear to me how does this work on IAP.
Does it only work with Monitor mode IAPs?
What would be your recommended settings?
12-29-2016 09:15 AM
Please review the user guide for IDS. There is no requirement to have a dedicated Air Monitor to perform containment and there are also wired containment options available as well.
Note that if you have Aruba or HPE Aruba switches, you can automatically have the IAP inform the upstream switch that there is a rogue and the switch itself will admin down the port.
Consulting Systems Engineer - ACCX, ACDX, ACMX
If you found my post helpful, please give kudos
12-29-2016 12:21 PM
I was testing some settings...
Right now I have set to High in terms of detection and also protection but I can't see actual difference.
I setup a rogue 4G Wifi Hotspot right next to an IAP 205 but the clients seems to be able to connect to it and have proper network access...
I set the wireless containment to "Tarpit all stations"
12-29-2016 05:09 PM
I would leave it to the defaults. High has unintended consequnces and can deny legitimate traffic.
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base