Wireless Access

Reply
Contributor I
Posts: 80
Registered: ‎04-29-2013

Valid AP being DOS'ed by controller

So, another team got a new MiFi device, and tripped AirWave due to using a corporate SSID on an unknown MAC. AirWave labelled is AP-Impersonation (as defined by a rule), and the controller set it to contain. I fixed the rule in AirWave - added the new MAC address as a valid broadcastor of the SSID - and manually changed the alert to valid both in AirWave and WMS. The controller even shows it as valid, but is still trying to kill it - and no one can connect to it. How do I make the controller stop? HMNCISMiFi is the SSID in question.

 

Thanks,

Russell

show ap monitor ap-list ap-name <ap-name>:

MonitoredAPTable             
------------------               
bssidessidchanap-typephy-typedosdt/mtencrnstasavg-snrcurr-snravg-rssicurr-rssiwmacsibsscl-delay
-----------------------------------------------------------------------------------------------
9c:1c:12:a3:22:71HM-EMPLOYEE149valid80211a-HT-40disable5551/63wpa2-8021x-aes00220732no0
00:0d:67:2a:8d:b5XFINITY153unknown80211a-HT-40disable4942/46wpa2-8021x-aes00230720no4942+
80:d2:1d:7d:a2:e2HMNCISMiFi6valid80211b/g-HT-40enable4299/106wpa2-psk-aes00330620no4298

 

 

Guru Elite
Posts: 20,807
Registered: ‎03-29-2007

Re: Valid AP being DOS'ed by controller

The output you posted is unreadable.

 

I would type "show log security 50" and see if you can see anything for that BSSID.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I
Posts: 80
Registered: ‎04-29-2013

Re: Valid AP being DOS'ed by controller

I wouldn't go so far as to call it unreadable, but the point is that in the last row, the ap-type is 'valid', while the dos field is 'enable'; meaning as far as I can tell that the controller is trying to kill an AP that I have marked as valid, that the controller sees as valid - or at least reports as valid - and is set to valid in AirWave. Is there a CLI command that I can run on a BSSID that basically says 'this guy is our cousin, doesn't exactly live here but visits from time to time, so cut his some slack, and stop trying to kill him'?

 

the security log showed nothing by the way. Too much in the log. Even show log security all only goes back about 5 minutes.

 

Russell

Guru Elite
Posts: 20,807
Registered: ‎03-29-2007

Re: Valid AP being DOS'ed by controller

So, unreadable is a strong word, but I cannot piece it together.  There are quite a few ways to deny access to a device and it is not always marked as DOS, when that happens.  Your situation is open ended and you should open a case with TAC to understand why you have no access to the device.  It has hard to say with the limited information provided what is happening.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: