Wireless Access

Reply
Occasional Contributor I
Posts: 9
Registered: ‎03-04-2010

Blacklist duration

One master controller, two locals -- all M3, 6.1.3.2 Blacklist duration is set to 0 for all Virtual APs/SSIDs for both Authentication Failure and Other. Found the bad guy on Local2 and blacklisted him; remaining time is blank as expected. Because you can only use the WebUI to blacklist a connected client, I went to the CLI for Master and Local1 and issued this command: stm add-blacklist-client [mac address]. On both, the remaining time is 1 hour, no matter what I do. Bad guy was able to connect to Local1 last night. Any way to fix this?
Guru Elite
Posts: 20,815
Registered: ‎03-29-2007

Re: Blacklist duration

Set the "ap blacklist-time" parameter which specifies how long unassociated users get blacklisted:

 

http://community.arubanetworks.com/t5/ArubaOS-and-Mobility-Controllers/Blacklist-Clients-on-3600-controller-ArubaOS-6-1-2-2/td-p/22534

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor I
Posts: 9
Registered: ‎03-04-2010

Re: Blacklist duration

I thought I had set that, which is why I said, "Blacklist duration is set to 0 for all Virtual APs/SSIDs for both Authentication Failure and Other." Are you saying to do that again in the CLI?
Guru Elite
Posts: 20,815
Registered: ‎03-29-2007

Re: Blacklist duration

(Aruba3600) (config) #ap ap-blacklist-time

 

That parameter is GLOBAL and not under the virtual AP.  It corresponds to the blacklist time for unassociated clients.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor I
Posts: 9
Registered: ‎03-04-2010

Re: Blacklist duration

Thanks! I had not read all the way through the link you sent.
MVP
Posts: 707
Registered: ‎12-01-2010

Re: Blacklist duration

When you say GLOBAL, is that "Set it on the Master and the Locals learn it," or "Set it on every controller?"

--Matthew

if I've helped, please give kudos
if I've provided a solution, please mark the solution so others can find it
Guru Elite
Posts: 8,335
Registered: ‎09-08-2010

Re: Blacklist duration

Global meaning all SSIDs broadcasting from APs connected to that controller.

You need to blackilist clients on each controller.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
MVP
Posts: 707
Registered: ‎12-01-2010

Re: Blacklist duration

Ah, good point.

I hadn't thought of that -- I was refering to where I set 'ap ap-blacklist-time 0'

Is that a Master pushed configuration bit, or will I have to set it on each controller.

--Matthew

if I've helped, please give kudos
if I've provided a solution, please mark the solution so others can find it
Search Airheads
Showing results for 
Search instead for 
Did you mean: