Occasional Contributor II

Blacklist user


We have some troubles with blacklisted users. I configured firewall options as follows :
Monitors ip session attack : 128/sec
Monitor syn attack : 96/sec

These values are much higher than recommended (32 by default) but we have always many blacklisted users.

Did you enable these options? Or did you limit the number of session in role definition? If yes, what values did you use, and have you the same problems?

Tanks in advance.
Occasional Contributor II

Re: Blacklist user

No idea :(?

Please someone can help me ?
Guru Elite

Monitor IP Session Attack and Monitor TCP Session Attack


What version of code is this? In addition, when your users are blacklisted it normally says a reason. What is the reason?

Those values are normally not changed from the defaults.

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Occasional Contributor II

Re: Blacklist user

Our version is with a 5000 and SC1 supervisor card.

In general the reason for the blacklist is "syn-flood" or "session-flood".

By default these options are disable. So if I keep them by default, and if I don't change the number of sessions by users, what's about the security advisory avaible at this address:

Thanks in advance.
Search Airheads
Showing results for 
Search instead for 
Did you mean: