09-13-2013 08:55 AM
I have a bunch of 93H access points, and there is a rogue router attached to one with a MAC address I'd determined from some packet captures. What is the best route to take to determine which AP this is attached to? The ports are designed to plug in and go (which we are changing in a few weeks) so no authentication is required.
On the switches I can run the show mac-address-table. When I run that on the controller it seems to only give its own MAC addresses.
Any suggestions on the route I should take?
09-13-2013 12:37 PM
The issue is your ports are set to "trusted", meaning they are bypassing all firewall and visibility. Can I make a suggestion? The below will retain your "plug and go" method but will use Aruba's firewall for device/client tracking on the wired ports.
1. Create an aaa profile. Assign NO MAC, 802.1x, or server group. Set the INITIAL ROLE to authenticated. This will still allow all traffic through.
2. Create your wired port profile as an "untrusted" port and then apply the aaa profile above.
Voila! You now have a ton more visibility (appRF also works here too!). You can do a simple search for the MAC and find out AP and port # very easily. This also gets reported to Airwave too.
Consulting Systems Engineer - ACCX, ACDX, ACMX
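The two steps in the answer above, written out as a controller configuration sketch. This is an added example, not part of the original post; it assumes ArubaOS 6.x CLI syntax, and the profile names, the AP group name `ap93h-group`, the choice of port `enet1` and the MAC address are hypothetical placeholders. Check the commands against the CLI reference for your release before applying.

```text
! Step 1: AAA profile with no MAC auth, no 802.1X and no server group.
! Only the initial role is set, so wired clients keep "plug and go"
! access but now appear in the controller's user table.
aaa profile "wired-visibility"
   initial-role "authenticated"
!
! Step 2: wired AP profile with the port set to untrusted, so traffic
! passes through the firewall instead of bypassing it.
ap wired-ap-profile "wired-untrusted"
   wired-ap-enable
   no trusted
!
! Wired port profile that ties the untrusted setting to the AAA profile.
ap wired-port-profile "wired-untrusted-port"
   wired-ap-profile "wired-untrusted"
   aaa-profile "wired-visibility"
   no shutdown
!
! Attach the port profile to a downlink port of the APs in the group
! (repeat for each wired port in use).
ap-group "ap93h-group"
   enet1-port-profile "wired-untrusted-port"
!
! After the APs pick up the change, search the user table for the MAC
! taken from the packet capture (placeholder value shown).
show user-table | include aa:bb:cc:dd:ee:ff
```

Because the initial role is still `authenticated`, this adds tracking but no access control; the rogue device stays connected until the port policy is tightened.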