Message Image

Log in to ask questions, share your expertise, or stay connected to content. Don’t have a login? Join now.

Skip to main content (Press Enter).

Skip auxiliary navigation (Press Enter).

Skip main navigation (Press Enter).

Wireless Access

last person joined: yesterday

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.

Back to discussions

Expand all | Collapse all

Validuser ACL Logging

This thread has been viewed 0 times

1. Validuser ACL Logging

0 Kudos
cbjohns
Posted Oct 27, 2016 01:22 PM

Reply Reply Privately
Good Morning,

We're recently updated our "validuser" acl to prevent invalid/unauthorized IP Addresses from entering the user-table - which appears to be working now thanks to TAC. I've modifed the "any any any permit" to "any any any deny" with Logging enabled which is now logging the source IP Address of the packet that would have previously entered the user-table. Most of them were mobile addresses that leaked over to our network, but some of them appear to be 10.X.X.X addresses, web site addresses, etc.
1. Is there a way to log/correlate the originating MAC Address for future cases?
2. I attempted to use the "mirror" option on the "any any any deny" ACL, "session-mirror-destination" command appears to have been deprecated - https://community.arubanetworks.com/t5/Controller-Based-WLANs/How-do-I-capture-unencrypted-client-data-at-the-controller-with/ta-p/179062

Powered by Higher Logic