Controllerless Networks

last person joined: 2 days ago 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

How many client can be blacklisted on aruba 105 IAP through manual blacklisting?

This thread has been viewed 2 times

  • 1.  How many client can be blacklisted on aruba 105 IAP through manual blacklisting?

    Posted Feb 05, 2014 01:56 AM
      |   view attached

    hi ,

     

    I have two queries-

     

    How many client can be blacklisted on aruba 105 IAP through manual blacklisting? 

     

    Is there any way to just block all mobile user ( Apple, Blackbery, andriod etc )on connecting to Wi-Fi on aruba IAP 105?

     

    Please suggest



  • 2.  RE: How many client can be blacklisted on aruba 105 IAP through manual blacklisting?

    Posted Feb 05, 2014 07:48 AM

    Are you using the blacklisting feature for access control? It is not really made for that...

     

    You need to use the internal user-database or you need an external RADIUS server for this kind of access control features you are looking for. You can either do this via MAC authentication and/or 802.1X.



  • 3.  RE: How many client can be blacklisted on aruba 105 IAP through manual blacklisting?

    Posted Feb 05, 2014 09:51 AM

    Do you know if there is a limit on the internal database? How many user accounts can that hold?? 



  • 4.  RE: How many client can be blacklisted on aruba 105 IAP through manual blacklisting?

    Posted Feb 05, 2014 10:16 AM

    From the manual:

     

    The local user database of APs can support up to 512 user entries except IAP-9x. IAP-9x supports only 256 user entries. If there are already 512 users, IAP-9x will not be able to join the cluster.



  • 5.  RE: How many client can be blacklisted on aruba 105 IAP through manual blacklisting?

    Posted Feb 06, 2014 02:27 AM

    My real problem is like -

     

    i have 5 Aruba 105 IAP working in office.

     

    My users are corporate users and guest user.

     

    My one and only compliance is that dont give access on mobile either guest or corporate user.

     

    Earlier i was doing Manual blacklisting of mac-address of all office mobile user and guest in case they come.

    Right now it is showing limited as after 128,  user cannot be blacklisted.

     

    So for alternate solution-

    IF i do AD integration for local user for AD authentication. ( so only lapotp that are in domain will connect, not mobile)

    and for guest user i will use  internal server authentication and create users internally as per request . 

     

    BUT the loop in this is if internal user share his password to another user so number of user can connect by using same credential.

     

    Please suggest if i can do anything for this....?

     



  • 6.  RE: How many client can be blacklisted on aruba 105 IAP through manual blacklisting?

    Posted Feb 06, 2014 04:16 AM

    With your requirement I will do MAC address authentication for the guest users and Machine Authentication for office users (Provided they are using Windows). If budget allows, I will use an additional controller, using controller with PEFNG we can define that the mobile device to get a deny role.

     

    Another solution is to use Clearpass and once detect it is a SMART devices you can give a deny role.

     

    Using black listing will definitely incurred more processing power for the IAPs.

     

    Just my 2 cents worth of suggestion.:)



  • 7.  RE: How many client can be blacklisted on aruba 105 IAP through manual blacklisting?

    Posted Feb 05, 2014 10:30 AM

    For your second question, this can be achieve easily with ClearPass.