I was investigating some rogue devices that are being reported by AMP and eventually found it.
Here's the situation:
The users that are renting some office space in our building have connected to our guest network (via captive portal) using the credentials we provided to them. From there, they are sharing the connection using a Windows XP (ICS) laptop then running a network cable to a WAN port on a router they have. There are roughly 7 desktop computers connected via a desktop switch.
This is bad and I don't want this to continue but I would like some feedback from the community to help my case and perhaps a work around. The upside of this is: the users (or single user in this case) fall in to the guest role and are on a seperate vlan from our staff network.
Are you using Clearpass? Perhaps allow some post-auth actions like session limits and/or time? Another alternative to use OnGuard to enforce that connection sharing is disabled?
If you do have Clearpass, you could create these rules for just these renters in the building and not other guests to your company
No Clearpass yet.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.