Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Blacklisting LOTS of clients

This thread has been viewed 0 times

  • 1.  Blacklisting LOTS of clients

    Posted Feb 28, 2014 09:51 AM

    I do not want students with school provided laptops to connect to the public guest internet. (They should connect to Student wifi)

     

    I have the mac address of all 2000 netbooks and would like to blacklist them all from connecting to the guest network. Is there an easy way to do this? I'd like to cut copy paste a script into the cli blacklisting clients from the public but doesn't look like I can actually blacklist them if it's not currently connected to the public ssid.

     

    Maybe blacklisting isn't the best way to do this, if anyone else can think of a way to keep the kids off the public internet I'm open to suggestions.



  • 2.  RE: Blacklisting LOTS of clients

    EMPLOYEE
    Posted Feb 28, 2014 09:57 AM

    Do you use ClearPass?



  • 3.  RE: Blacklisting LOTS of clients

    Posted Feb 28, 2014 09:59 AM

    No client does not have ClearPass



  • 4.  RE: Blacklisting LOTS of clients

    EMPLOYEE
    Posted Feb 28, 2014 10:09 AM
    @Jaasperff wrote:

    I do not want students with school provided laptops to connect to the public guest internet. (They should connect to Student wifi)

     

    I have the mac address of all 2000 netbooks and would like to blacklist them all from connecting to the guest network. Is there an easy way to do this? I'd like to cut copy paste a script into the cli blacklisting clients from the public but doesn't look like I can actually blacklist them if it's not currently connected to the public ssid.

     

    Maybe blacklisting isn't the best way to do this, if anyone else can think of a way to keep the kids off the public internet I'm open to suggestions.

    If your netbooks run windows, push a wireless group policy to those devices for the guest network, but with a WPA2 key.  They will not be able to connect.



  • 5.  RE: Blacklisting LOTS of clients

    Posted Feb 28, 2014 10:13 AM

    Hadn't thought of that... Good idea.

     

    Thanks !!!



  • 6.  RE: Blacklisting LOTS of clients

    EMPLOYEE
    Posted Feb 28, 2014 10:17 AM

    Another trick would be to deny the computer from connecting to that SSID via group policy.

     

    guest-deny-gpo.PNG



  • 7.  RE: Blacklisting LOTS of clients

    Posted Mar 03, 2014 09:00 AM

    Well that worked for about 15 minutes...

     

    Students have discovered how to wipe the Chromebooks clean and remove the management profile. When they do this the only thing that they can connect to is the Public because we send the preshare key for the student network via the management profile.

     

    So back to blacklisting...  If they wipe the machine and can't get on the public and also can't get on the student then I'm guessing (hoping) they will stop doing it.

     

    (Don't ya just love kids?) Think I need to hire a couple of them to help me out around here. :smileyvery-happy: