Wireless Access

Dear all,

(Lkk-AC01) #show user | include 10.80.102.29
10.80.102.29 e4:a7:a0:56:dd:c1 host1 authenticated 00:01:16 802.1x AP9937 Wireless corp/40:e3:d6:83:56:74/a-HT AAA-ca tunnel Win 7

I found the user host1 occupied a lot of bandwidth.How can I kick it off?

Or how can create a QOS profile for it ? Or useing ACL to filter it?

Thank you for any answers

You can delete a user session with the following :

(Aruba) #aaa user delete
all                     Delete all users. Can take upto 5 mins if there are
                        large number of users getting deleted
ap-ip-addr              Match AP IP address
ap-name                 Match AP name
mac                     Match MAC address
name                    Match user name
role                    Match role name
A.B.C.D                 Match IP address

If you want to black list the client do the following:

stm add-blacklist-client <MAC>

You can able bandwidth controls to restrict traffic and you can also apply ACL's to take action based upon certain traffic. If you have a context aware authentication service such as CPPM, you can configure this to enforce and action should a trigger be matched (i.e XXX of data transferred in X amount of time).

You can complete this based on the User Role or VLAN.

http://community.arubanetworks.com/t5/Controller-Based-WLANs/How-do-I-configure-a-bandwidth-contract-based-on-VLAN-and-user/ta-p/177668

Or if you wish to apply this per SSID (VAP).

http://www.arubanetworks.com/techdocs/ArubaOS_6_5_4_X_Web_Help/Web_Help_Index.htm#ArubaFrameStyles/ARM/Traffic_Shaping.htm?Highlight=traffic shaping