Wireless Access

Occasional Contributor I

Blacklist duration

One master controller, two locals -- all M3, 6.1.3.2. Blacklist duration is set to 0 for all Virtual APs/SSIDs for both Authentication Failure and Other. Found the bad guy on Local2 and blacklisted him; remaining time is blank as expected. Because you can only use the WebUI to blacklist a connected client, I went to the CLI for Master and Local1 and issued this command: stm add-blacklist-client [mac address]. On both, the remaining time is 1 hour, no matter what I do. Bad guy was able to connect to Local1 last night. Any way to fix this?
Guru Elite

Re: Blacklist duration

Set the "ap blacklist-time" parameter which specifies how long unassociated users get blacklisted:

http://community.arubanetworks.com/t5/ArubaOS-and-Mobility-Controllers/Blacklist-Clients-on-3600-controller-ArubaOS-6-1-2-2/td-p/22534

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Occasional Contributor I

Re: Blacklist duration

I thought I had set that, which is why I said, "Blacklist duration is set to 0 for all Virtual APs/SSIDs for both Authentication Failure and Other." Are you saying to do that again in the CLI?
Guru Elite

Re: Blacklist duration

(Aruba3600) (config) #ap ap-blacklist-time

That parameter is GLOBAL and not under the virtual AP. It corresponds to the blacklist time for unassociated clients.

Occasional Contributor I

Re: Blacklist duration

Thanks! I had not read all the way through the link you sent.
MVP

Re: Blacklist duration

When you say GLOBAL, is that "Set it on the Master and the Locals learn it," or "Set it on every controller?"

--Matthew

if I've helped, please give kudos
if I've provided a solution, please mark the solution so others can find it
Guru Elite

Re: Blacklist duration

Global meaning all SSIDs broadcasting from APs connected to that controller.

You need to blacklist clients on each controller.

Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
MVP

Re: Blacklist duration

Ah, good point.

I hadn't thought of that -- I was referring to where I set 'ap ap-blacklist-time 0'

Is that a Master pushed configuration bit, or will I have to set it on each controller?

--Matthew
