Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

what device is this user?

This thread has been viewed 0 times

  • 1.  what device is this user?

    Posted Oct 04, 2012 12:02 AM

    hi all

    Our controller have a mac,which can't be deny.

    I try aaa user delete that mac,failed.

    And i add blacklist,it still come into user-table.

    Is this something error?

    The mac vendor which i inquire is "CISCO".

    thanks for help.

    -------------------------------

    (Aruba-M-01) # show user | include 00:1a:e3:1a:c9:c0
    10.2.11.12 00:1a:e3:1a:c9:c0 logon 00:00:02 N/A Associated /00:00:00:00:00:00/b tunnel
    10.2.11.13 00:1a:e3:1a:c9:c0 logon 00:00:02 N/A Associated /00:00:00:00:00:00/b tunnel
    10.2.24.14 00:1a:e3:1a:c9:c0 logon 00:00:02 N/A Associated /00:00:00:00:00:00/b tunnel
    10.2.24.18 00:1a:e3:1a:c9:c0 logon 00:00:02 N/A Associated /00:00:00:00:00:00/b tunnel
    10.2.24.22 00:1a:e3:1a:c9:c0 logon 00:00:02 N/A Associated /00:00:00:00:00:00/b tunnel
    10.2.14.21 00:1a:e3:1a:c9:c0 logon 00:00:02 N/A Associated /00:00:00:00:00:00/b tunnel
    10.2.12.104 00:1a:e3:1a:c9:c0 logon 00:00:02 N/A Associated /00:00:00:00:00:00/b tunnel
    10.2.12.112 00:1a:e3:1a:c9:c0 logon 00:00:02 N/A Associated /00:00:00:00:00:00/b tunnel
    10.2.12.121 00:1a:e3:1a:c9:c0 logon 00:00:02 N/A Associated /00:00:00:00:00:00/b tunnel
    10.2.12.124 00:1a:e3:1a:c9:c0 logon 00:00:02 N/A Associated /00:00:00:00:00:00/b tunnel
    10.2.12.131 00:1a:e3:1a:c9:c0 logon 00:00:02 N/A Associated /00:00:00:00:00:00/b tunnel
    10.2.12.134 00:1a:e3:1a:c9:c0 logon 00:00:02 N/A Associated /00:00:00:00:00:00/b tunnel
    10.2.12.137 00:1a:e3:1a:c9:c0 logon 00:00:02 N/A Associated /00:00:00:00:00:00/b tunnel
    10.2.12.226 00:1a:e3:1a:c9:c0 logon 00:00:00 N/A Associated /00:00:00:00:00:00/b tunnel
    10.2.12.227 00:1a:e3:1a:c9:c0 logon 00:00:02 N/A Associated /00:00:00:00:00:00/b tunnel
    10.2.13.17 00:1a:e3:1a:c9:c0 logon 00:00:02 N/A Associated /00:00:00:00:00:00/b tunnel

    -----------------------------



  • 2.  RE: what device is this user?

    EMPLOYEE
    Posted Oct 08, 2012 08:01 AM

    You have to blacklist the device when it is not connected to the network.  If you blacklist a device while it is connected, it will only be blacklisted temporarily based on the blacklist timer in the Virtual AP the device is connected to.

     

     

     

     



  • 3.  RE: what device is this user?

    EMPLOYEE
    Posted Oct 08, 2012 08:01 AM

    You have to blacklist the device when it is not connected to the network.  If you blacklist a device while it is connected, it will only be blacklisted temporarily based on the blacklist timer in the Virtual AP the device is connected to.

     

     

     

     



  • 4.  RE: what device is this user?

    Posted Oct 09, 2012 01:44 AM

    I add it to blacklist,and aaa user delete the device all.

    But it still join into user-table quickly.

    Should i do any else for test?

     

    Thank you,Sir!