With that setting, I would only expect the system to respond to a Rogue AP (which is also connected to your own network), and to a hotspot that is using ad-hoc networking. Only the options with 'Protect' do have an response action. Detect only reports the 'violation'.
Unsure what exactly you try to achieve.... it may be best to discuss your requirements with your Aruba Partner or Aruba Support to find the proper settings for your requirements.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Dec 05, 2022 08:25 PM
From: Jinyoung Yang
Subject: WIPS can't block hotspot
The corresponding AP operates as AM and the policy is as follows.
Original Message:
Sent: Dec 05, 2022 10:09 AM
From: Herman Robers
Subject: WIPS can't block hotspot
Please note that is may be illegal depending on the country that you are in to block hotspots as it attacks others' networks, so consult your legal advisor before enabling such a feature. And you may end up preventing all of you neighbors to use their WLAN, if you don't carefully deploy this.
What protect features have you enabled? And what containment method?
Be informed that APs should be on the same channel as where you want to do Wireless IDS, which makes that to reliably deploy WIDS you need additional APs as AirMonitor to scan channels. Also, when the other network uses WPA3 or 802.11w (MFP/PMF), using deauths will no longer work as containment.
If it works for some APs, the problem is probably in these last two options.
It's probably best to first get legal advice, then work with your Aruba partner to design the optimal configuration for your case.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
Original Message:
Sent: Dec 05, 2022 05:35 AM
From: Jinyoung Yang
Subject: WIPS can't block hotspot
There are several AP 305 models with the same AP Group.
Some APs blocked Hotspot, but some APs failed to block Hotspot.
Hotspot is a WPA2 environment.
Is there a way to check if the AP is malfunctioning?
Or can I not block Hotspot due to the physical environment where the AP is installed?