Security

Reply
Occasional Contributor II

Re: Aruba 3200 manual blacklist/block

Sorry. I understand now. :) Thanks alot!

Guru Elite

Re: Aruba 3200 manual blacklist/block

Glad you found it.  I edited my post to make it more clear and fixed a spelling error.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: Aruba 3200 manual blacklist/block

I black listed a client. Did a aaa user delete and stm kick-off-sta 

 

The device shows in the black list, but keeps connecting and passing traffic

 

 #show AP blacklist-clients

Blacklisted Clients
-------------------
STA reason block-time(sec) remaining time(sec)
--- ------ --------------- -------------------
34:23:87:6a:35:42 session-blacklist 60 240
1c:3e:84:65:2e:34 session-blacklist 255 45
20:16:d8:fb:cf:01 user-defined 635 2965

 

show user-table verbose | include 20:16:d8:fb:cf:01
10.207.4.185               20:16:d8:fb:cf:01     SSID     00:00:04

 

 

(CNJ_.11) #show datapath session table 10.207.4.185

Datapath Session Table Entries
------------------------------

Source IP Destination IP Prot SPort DPort Cntr Prio ToS Age Destination TAge UsrIdx UsrVer Flags 

-------------- -------------- ---- ----- ----- ---- ---- --- --- ----------- ---- ------ ------ -----
10.207.4.185 54.187.20.232 6 50385 80 0/0 0 96 17 tunnel 3551 10d 5dd c0b4 CI
0/0 0 0 0 local
10.207.4.185 54.187.20.232 6 50384 80 0/0 0 96 17 tunnel 3551 10d 5dd c0b4 CI
0/0 0 0 0 local
10.207.4.185 54.244.29.192 6 50369 80 0/0 0 96 19 tunnel 3551 12b 5dd c0b4 CI
0/0 0 0 0 local
10.207.4.185 54.244.29.192 6 50368 80 0/0 0 96 19 tunnel 3551 12b 5dd c0b4 CI
0/0 0 0 0 local
10.207.4.185 96.16.77.229 6 50361 80 0/0 0 96 19 tunnel 3551 132 5dd c0b4 CI
0/0 0 0 0 local
10.207.4.185 96.16.77.229 6 50360 80 0/0 0 96 19 tunnel 3551 132 5dd c0b4 CI

 

Tom Engeleit
ACMP
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: