Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Restricitng certain devices from accessing the wireless service?

This thread has been viewed 1 times

  • 1.  Restricitng certain devices from accessing the wireless service?

    Posted May 20, 2014 11:11 AM

    Can the Aruba 3200 controller be configured to block certain mobile devices from accessing the wireless service. My wifi is setup in a school environment and while we do want to allow usage for students laptops for classroom sessions we would like to prevent users smart phones and other devices from accessing the wireless service. How can this be done? 


    #3200


  • 2.  RE: Restricitng certain devices from accessing the wireless service?
    Best Answer

    Posted May 20, 2014 12:31 PM

    Do we any encryption turned on or anything authentication enabled on SSID?

     

    If the devices specific to Android or IOS we could block by configuring DHCP finger printing else we may need to relay only on ACL.

     

    You could try blocking some of the chatty protocols SSDP, upnP,netbios traffic or on the air which would help in increasing WLAN performance

     

     see for below example.

    user-role <wireless user role name>

    session-acl deny_mDNS_acl

    session-acl deny_SSDP_and_UPnP_acl

    session deny_netbios_acl

    session-acl deny_client_acting_as_server_acl

    session-acl allowall

     

    else simply enable the broadcast filters from VAP profile which wuuld drop the B`cast/M`cast on air however still arp,dhcp,VRRP will go through.

     

    configure terminal

    wlan virtual-ap <profile name>

    broadcast-filter all

    broadcast-filter arp

     

    Thank you,