Wireless Access

Reply
MVP
Posts: 1,408
Registered: ‎05-28-2008

WIP - Config questions and tips needed.

Hi Guys,

:smileymad:

Good morning,I just deployed a RFP for the first time at client site - and after doing some reading , I have a few questions:I will be more than glad if couple of you can send me some technical answers and configuration tips.

  • How the controller auto-define: Rouge | Neighbor | Suspect | Interfering | Valid ?
  • Can I force the controller to define any other network except the client Aruba network as Suspect or interfering and contain|block them?
  • If my client would like to Contain just nearby or in the building office itself (in order not to interrupt the other offices - What is the SNR that recommenced to achieve for example - 10 meters from each AP of Aruba.
  • How do i define to the controller not to block a speseifc SSID (that in the controller) or an OPEN ssid that isnt connected to the Controller itself?

(ArubaOS 6.1.3.5 Running on-site)

 

Thanks in Advance.

 

Me.

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
Guru Elite
Posts: 20,960
Registered: ‎03-29-2007

Re: WIP - Config questions and tips needed.


kdisc98 wrote:

Hi Guys,

:smileymad:

Good morning,I just deployed a RFP for the first time at client site - and after doing some reading , I have a few questions:I will be more than glad if couple of you can send me some technical answers and configuration tips.

  • How the controller auto-define: Rouge | Neighbor | Suspect | Interfering | Valid ?
  • Can I force the controller to define any other network except the client Aruba network as Suspect or interfering and contain|block them?
  • If my client would like to Contain just nearby or in the building office itself (in order not to interrupt the other offices - What is the SNR that recommenced to achieve for example - 10 meters from each AP of Aruba.
  • How do i define to the controller not to block a speseifc SSID (that in the controller) or an OPEN ssid that isnt connected to the Controller itself?

(ArubaOS 6.1.3.5 Running on-site)

 

Thanks in Advance.

 

Me.




The easiest way to configure that is to run the WIP Wizard.

 

 The Wizard will give you the options to influence how rogues are classified.  How the controller automatically classifies rogues is here:  https://arubanetworkskb.secure.force.com/pkb/articles/FAQ/Rogue-Classification-on-AOS-6-0

 

You can configure something called a "Valid SSID" which means that the controller will allow devices to connect to that SSID.  You can then block traffic from connecting to anything but Valid SSIDs.

 

The controller normally looks at client associations to contain devices, so even if you can see powerful access points from far away, if the controller cannot see the client associating to it, it will not do anything.  If it can see your users attempting to associate to it, and you have protection on, it can stop those users, however.

 

You can define a specific SSID as a Valid SSID to keep it from being blocked.

 

Again, IDS/IPS is a very involved topic and you need to (1) Read the entire chapter on IDS/IPS to fully understand it and (2) Test any scenario before putting it into production so that you do not create any performance issues.

 

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor I
Posts: 8
Registered: ‎12-26-2012

Re: WIP - Config questions and tips needed.

Hi

Thank u for that answer, but i have another question.

 

i want to connect another AP that is not aruba to my network and prevent it from being automaticlly marked as rogue.

how do i do that?

 

Thanx in advanved/

 

 

Guru Elite
Posts: 20,960
Registered: ‎03-29-2007

Re: WIP - Config questions and tips needed.

You must mark it as a Valid AP



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor I
Posts: 8
Registered: ‎12-26-2012

Re: WIP - Config questions and tips needed.

Thank

Occasional Contributor I
Posts: 8
Registered: ‎12-26-2012

Re: WIP - Config questions and tips needed.

Hi again

 

is there a way to make it valid automatically?

i've tried to enter the AP's Mac And SSID to the valid table, but it is still marked as rugue and as contained.

Guru Elite
Posts: 20,960
Registered: ‎03-29-2007

Re: WIP - Config questions and tips needed.

[ Edited ]

If you see it in the Dashboard under security, change the designation to Valid there.

 

You cannot make it Valid automatically.

 

 

EDIT:  Click on the Reclassify button to make it Authorized.

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: