Wireless Access

Reply
Frequent Contributor I
Posts: 270
Registered: ‎09-24-2010

Can I block an SSID?

Aruba 3200 controllers running 6.4.1.0.  I want to block an SSID that an employee is broadcasting and using while in the office.  All I have is the SSID.  I also have Airwave.

MVP
Posts: 1,310
Registered: ‎11-07-2008

Re: Can I block an SSID?

Do you have the RFP/WIDS licensed on your controller?

Jerrod Howard
Sr. Techical Marketing Engineer
Guru Elite
Posts: 8,467
Registered: ‎09-08-2010

Re: Can I block an SSID?

Do you have RFProtect licenses?

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 270
Registered: ‎09-24-2010

Re: Can I block an SSID?

Yes

Guru Elite
Posts: 8,467
Registered: ‎09-08-2010

Re: Can I block an SSID?

Frequent Contributor I
Posts: 270
Registered: ‎09-24-2010

Re: Can I block an SSID?

[ Edited ]

So I will configure an ids general-profile default

what command to block just SSID "test"

 

wireless-containment tarpit-non-valid-sta ?

 

There may be other SSID's that I want to allow that are not configured on the controller.

MVP
Posts: 4,272
Registered: ‎07-20-2011

Re: Can I block an SSID?

You use the WIP wizard

 

2014-08-27 14_24_41-Aruba WIP Wizard.png

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Frequent Contributor I
Posts: 270
Registered: ‎09-24-2010

Re: Can I block an SSID?

Confidence?

MVP
Posts: 4,272
Registered: ‎07-20-2011

Re: Can I block an SSID?

From guide:

 

Suspected Rogue Confidence Level

A suspected rogue AP is an AP that is potentially a threat to the WLAN infrastructure. A suspected rogue AP has a confidence level associated with it. An AP can be marked as a suspected rogue if it is determined to be a potentially threat on the wired network, or if it matches a user defined classification rule.

The suspected-rogue classification mechanism are:

  • Each mechanism that causes a suspected-rogue classification is assigned a confidence level increment of 20%.

  • AP classification rules have a configured confidence level.

  • When a mechanism matches a previously unmatched mechanism, the confidence level increment associated with that mechanism is added to the current confidence level (the confident level starts at zero).

  • The confidence level is capped at 100%.

  • If your controller reboots, your suspected-rogue APs are not checked against any new rules that were configured after the reboot. Without this restriction, all the mechanisms that classified your APs as suspected-rogue may trigger again causing the confidence level to surpass their cap of 100%. You can explicitly mark an AP as “interfering” to trigger all new rules to match against it.

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Frequent Contributor I
Posts: 270
Registered: ‎09-24-2010

Re: Can I block an SSID?

I set to 100

 

now will this actually disable the SSID from broadcasting or just disable anyone to connect to it?

Search Airheads
Showing results for 
Search instead for 
Did you mean: