Security

Reply
Occasional Contributor II
Posts: 14
Registered: ‎04-04-2012

apple and android pulling 2 adress

[ Edited ]

the apple device or android will still utilize the last ip address it attached to most likely the users home address 10.0.0 or 192. x
The issue is it is using up address in a scope that is in my dmz on the 10 network ( don't yell at me some idiot used it as my dmz 10 years ago long before I worked here) I will be moving it asap. but for now, is there anything I can do to prevent this from happening

 

 

(psd-master01) #show  user | include  10:1c:0c:2a:2a:1b
10.0.0.10       10:1c:0c:2a:2a:1b                             psd-guest-logon    00:00:01                    AP-RM-211.Floor 1.100.GHH                  Wireless  psd-open/d8:c7:c8:f7:39:28/a-HT    psd-open    tunnel        iPad           
10.50.146.61    10:1c:0c:2a:2a:1b                             psd-guest-logon    00:00:01                    AP-RM-211.Floor 1.100.GHH              Wireless  psd-open/d8:c7:c8:f7:39:28/a-HT    psd-open    tunnel        iPad 

 

(psd-master01) #show  user | include  84:38:35:97:a5:59
10.10.129.18    84:38:35:97:a5:59  84383597a559               psd-authenticated  00:01:34    MAC             ESC_SWITCH_ON_BENCH                        Wireless  psd-secure/ac:a3:1e:9a:3d:11/a-HT   psd-secure  tunnel        iPhone    
172.24.25.144   84:38:35:97:a5:59  84383597a559               psd-authenticated  00:01:34    MAC             ESC_SWITCH_ON_BENCH                     Wireless  psd-secure/ac:a3:1e:9a:3d:11/a-HT  psd-secure  tunnel        iPhone    

 

Guru Elite
Posts: 8,458
Registered: ‎09-08-2010

Re: apple and android pulling 2 adress

If you are not using the 192 space, you can add a deny rule for that subnet to the validuser acl. 


Thanks, 
Tim

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II
Posts: 14
Registered: ‎04-04-2012

Re: apple and android pulling 2 adress

Try that dosnt work

Occasional Contributor II
Posts: 14
Registered: ‎04-04-2012

Re: apple and android pulling 2 adress

Tried that dosn't work

Guru Elite
Posts: 8,458
Registered: ‎09-08-2010

Re: apple and android pulling 2 adress

Do you have enforce-dhcp enabled in your AAA profile?

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
MVP
Posts: 4,271
Registered: ‎07-20-2011

Re: apple and android pulling 2 adress

[ Edited ]
Edit: Cappalli already suggested that
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Occasional Contributor I
Posts: 9
Registered: ‎01-05-2009

Re: apple and android pulling 2 adress

Add the segments you want to allow on the controller to the valid user ACL. Search for valid user on the community.
Tom Engeleit
ACMP
Occasional Contributor I
Posts: 9
Registered: ‎01-05-2009

Re: apple and android pulling 2 adress

All other segments will be denied
Tom Engeleit
ACMP
Search Airheads
Showing results for 
Search instead for 
Did you mean: