Wireless Access

Reply
MVP
Posts: 1,422
Registered: ‎10-25-2011

Aruba WIPS configuration guide or white paper or something?

Hi Guys,

 

I am having a hard time configuring WIPS on an Aruba controller and getting clients to connect succesfully.

 

For example:

Open SSID

I enable the following in IDS Unauthorized Device Profile:

 

Protect SSID

Protect Valid Clients

 

My client is not able to connect to our SSID

I disable Protect Valid Clients and I am able to associate.

 

Also running the WIP wizard, I am having a hard time understanding the screen where it asks you to choose Aruba infrastructure or Multi-Vendor.

I configure it one way and when validating it inside the IDS profile I see something else.

 

Also, I disable detect bad wep from the wizard but when validating inside the IDS profile, it is checked.

 

I am using AOS 6.1.3.3 on a 3200.

 

Any help or guidance is appreciated.

 

Do you know if there are any specific WIPS oriented courses with Aruba?

 

Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
Moderator
Posts: 123
Registered: ‎04-17-2009

Re: Aruba WIPS configuration guide or white paper or something?

There will always be multiple IDS profiles.  The WIP wizard will update one of them and aply that to the specified AP group based on what you have selected.  Please verify that you are looking at the same profile that was updated by the wizard.  If you still see differences, please contact Aruba Support.  That shoudln't be happening. 

 

Protect SSID will keep any client from associating to an AP that is using your protected SSID and is not part of the Valid AP lists.

 

Protect valid stations will contain any station that is considered Valid from connecting with anything but your network.  A client is classified as valid if it authenticates with encryption to the Aruba network or has been manually defined.  My guess is that you had some residual classifications in the WMS database when you attempted your test.

 

It also looks like you were running your tests on an Open network.  I would recommend running the test on an encrypted network.  It doesn't make a lot of sense to run these advanced protection mechanisms on an open network since that will have much larger security holes.

 

I would recommend running 'wms clean-db' followed by the 'reload' command on lab controllers when running this test. Please use this command with caution as it will completely erase the WMS database.  This command is not recommended on a production network.

MVP
Posts: 1,422
Registered: ‎10-25-2011

Re: Aruba WIPS configuration guide or white paper or something?

Thank you for the response.

 

You are correct about the open network, problem is customer is using an Open SSID with external captive portal for authentication but would like some WIPS functionality.

 

Therefore when running some tests I was running into issues, I am assuming that protect valid stations and protect ssid do not apply in this case since it is an open network, I can use Airwave in this case for Rogue detection of an AP broadcasting the same SSID.

 

In my experience, I did not run into this issue with an encrypted network.

 

I will run some more tests and if I run into any issues, I will contact Aruba support.

Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
Search Airheads
Showing results for 
Search instead for 
Did you mean: