Wireless Access

 View Only
last person joined: 15 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Expand all | Collapse all

Blcklist and syslog

This thread has been viewed 18 times
  • 1.  Blcklist and syslog

    Posted Feb 01, 2023 05:49 PM
    MM topolgy with AOS 8.6

    We need to blacklist a user for 600sec if he PING ip 10.x.x.x
    And send syslog ack

    Also we need the user that get Gateway ip , It dont be shown in the show user command 

    How to achive this


  • 2.  RE: Blcklist and syslog

    EMPLOYEE
    Posted Feb 02, 2023 03:18 AM

    Hi, you can setup a new access rule which you have to insert into the role the user belongs to:

    With the Denylist hook the Client / User will be denylisted for the amount of time which is set here (Default is 3600 seconds):

    Screenshots taken from Version 8.10.0.5

    Regarding Syslog Messages see here - https://community.arubanetworks.com/discussion/how-to-send-the-blacklist-log-of-user-role-to-syslog-server

    The Gateway IP of a user will be shown on Mobility Master (Conductor) via - show global-user-table list
    Or on the GUI when you select the dedicated rows.




  • 3.  RE: Blcklist and syslog

    Posted Feb 02, 2023 08:55 PM
    Thanks Cordless 

    Denylist is qeual to Blaclikst in version 8.6.xx Right and same concept 

    For the syslog shall we intergrate with external syslog server we we can valide with local logs ?

    For the last point
    If GW is 5.5.5.5 , SO if client get this ip static , dont appear in the show user table


  • 4.  RE: Blcklist and syslog

    EMPLOYEE
    Posted Feb 03, 2023 03:51 AM

    By Gateway IP you mean the Default Gateway of the Client?

    That is not shown on the Controller. Client will get this information by DHCP Request. On the Controller you will only see the client´s IP Address.

    Syslog goes out of the Controller to an external Syslog Server.

    You can validate this message in the "show log user" Logs