Wireless Access

Hi all,
- We have a pair of Mobility Controller 7205 running os 8.7.1.3_79817, it is managed by the Mobility Master device.
- We use Clearpass for user authentication 802.1x. MacOS devices not join in AD.
- We had an issue where some MacOS devices automatically disconnected after connecting for about 1 minute and were blacklisted on Mobility Master but We still have other MacOS devices connected successfully and working fine
+ Authentication on clearpass is successful and device connected
+ After 1 minute, device automatically disconnects with no reject log on Clearpass
+ When I try to check the logs with the command 'show client trail info' on disconnected devices, I see the device is roaming even though I'm not movin, Reason is Sta has left and is disassociated, Alert is denied and Blacklisted

Please help me,
Thanks.

If you can see the blacklist reason while they are in the blacklist, we can take it from there.

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
------------------------------

Original Message:
Sent: Aug 15, 2022 04:58 AM
From: Long Nguyen
Subject: Problem with some macOS devices disconnecting and then blacklisting

Hi all,
- We have a pair of Mobility Controller 7205 running os 8.7.1.3_79817, it is managed by the Mobility Master device.
- We use Clearpass for user authentication 802.1x. MacOS devices not join in AD.
- We had an issue where some MacOS devices automatically disconnected after connecting for about 1 minute and were blacklisted on Mobility Master but We still have other MacOS devices connected successfully and working fine
+ Authentication on clearpass is successful and device connected
+ After 1 minute, device automatically disconnects with no reject log on Clearpass
+ When I try to check the logs with the command 'show client trail info' on disconnected devices, I see the device is roaming even though I'm not movin, Reason is Sta has left and is disassociated, Alert is denied and Blacklisted

Please help me,
Thanks.

Thanks for the early reply,

I don't know how to find the blacklist reason.
I tried to check the log with the 'show ap client trail-info' command of the disconnected device, I see the device is roaming even though I'm not moving, Reason is Sta has left and is disassociated, Alert is denied and Blacklisted.
Original Message:
Sent: Aug 15, 2022 04:23 PM
From: Colin Joseph
Subject: Problem with some macOS devices disconnecting and then blacklisting

If you can see the blacklist reason while they are in the blacklist, we can take it from there.

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card

Original Message:
Sent: Aug 15, 2022 04:58 AM
From: Long Nguyen
Subject: Problem with some macOS devices disconnecting and then blacklisting

Hi all,
- We have a pair of Mobility Controller 7205 running os 8.7.1.3_79817, it is managed by the Mobility Master device.
- We use Clearpass for user authentication 802.1x. MacOS devices not join in AD.
- We had an issue where some MacOS devices automatically disconnected after connecting for about 1 minute and were blacklisted on Mobility Master but We still have other MacOS devices connected successfully and working fine
+ Authentication on clearpass is successful and device connected
+ After 1 minute, device automatically disconnects with no reject log on Clearpass
+ When I try to check the logs with the command 'show client trail info' on disconnected devices, I see the device is roaming even though I'm not movin, Reason is Sta has left and is disassociated, Alert is denied and Blacklisted

Please help me,
Thanks.

Check the denylist/bl reason with this: https://www.arubanetworks.com/techdocs/CLI-Bank/Content/aos8/sh-ap-bl-clnt.htm

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------

Original Message:
Sent: Aug 16, 2022 12:30 AM
From: Long Nguyen
Subject: Problem with some macOS devices disconnecting and then blacklisting

Thanks for the early reply,

I don't know how to find the blacklist reason.
I tried to check the log with the 'show ap client trail-info' command of the disconnected device, I see the device is roaming even though I'm not moving, Reason is Sta has left and is disassociated, Alert is denied and Blacklisted.
Original Message:
Sent: Aug 15, 2022 04:23 PM
From: Colin Joseph
Subject: Problem with some macOS devices disconnecting and then blacklisting

If you can see the blacklist reason while they are in the blacklist, we can take it from there.

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card

Original Message:
Sent: Aug 15, 2022 04:58 AM
From: Long Nguyen
Subject: Problem with some macOS devices disconnecting and then blacklisting

Hi all,
- We have a pair of Mobility Controller 7205 running os 8.7.1.3_79817, it is managed by the Mobility Master device.
- We use Clearpass for user authentication 802.1x. MacOS devices not join in AD.
- We had an issue where some MacOS devices automatically disconnected after connecting for about 1 minute and were blacklisted on Mobility Master but We still have other MacOS devices connected successfully and working fine
+ Authentication on clearpass is successful and device connected
+ After 1 minute, device automatically disconnects with no reject log on Clearpass
+ When I try to check the logs with the command 'show client trail info' on disconnected devices, I see the device is roaming even though I'm not movin, Reason is Sta has left and is disassociated, Alert is denied and Blacklisted

Please help me,
Thanks.

Thank Cjoseph,
Thank Herman Robers,

Blacklist reason is user-define.
I have searched for information regarding this reason, but I can't find anything.

Please help me, what should I do next?
Original Message:
Sent: Aug 17, 2022 05:16 AM
From: Herman Robers
Subject: Problem with some macOS devices disconnecting and then blacklisting

Check the denylist/bl reason with this: https://www.arubanetworks.com/techdocs/CLI-Bank/Content/aos8/sh-ap-bl-clnt.htm

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.

Original Message:
Sent: Aug 16, 2022 12:30 AM
From: Long Nguyen
Subject: Problem with some macOS devices disconnecting and then blacklisting

Thanks for the early reply,

I don't know how to find the blacklist reason.
I tried to check the log with the 'show ap client trail-info' command of the disconnected device, I see the device is roaming even though I'm not moving, Reason is Sta has left and is disassociated, Alert is denied and Blacklisted.
Original Message:
Sent: Aug 15, 2022 04:23 PM
From: Colin Joseph
Subject: Problem with some macOS devices disconnecting and then blacklisting

If you can see the blacklist reason while they are in the blacklist, we can take it from there.

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card

Original Message:
Sent: Aug 15, 2022 04:58 AM
From: Long Nguyen
Subject: Problem with some macOS devices disconnecting and then blacklisting

Hi all,
- We have a pair of Mobility Controller 7205 running os 8.7.1.3_79817, it is managed by the Mobility Master device.
- We use Clearpass for user authentication 802.1x. MacOS devices not join in AD.
- We had an issue where some MacOS devices automatically disconnected after connecting for about 1 minute and were blacklisted on Mobility Master but We still have other MacOS devices connected successfully and working fine
+ Authentication on clearpass is successful and device connected
+ After 1 minute, device automatically disconnects with no reject log on Clearpass
+ When I try to check the logs with the command 'show client trail info' on disconnected devices, I see the device is roaming even though I'm not movin, Reason is Sta has left and is disassociated, Alert is denied and Blacklisted

Please help me,
Thanks.

See here where denylisting may come from. Not sure if Authentication failures or Firewall driven show up as user-defined... but it looks like someone intentionally configured this.

With the behavior that users can connect and are disconnected after about a minute, I would have a look at your firewall policy first, then IDS.

It may be good to have a look with Aruba support to go through the logs and configuration to see where this is coming from.

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------

Original Message:
Sent: Aug 19, 2022 03:52 AM
From: Long Nguyen
Subject: Problem with some macOS devices disconnecting and then blacklisting

Thank Cjoseph,
Thank Herman Robers,

Blacklist reason is user-define.
I have searched for information regarding this reason, but I can't find anything.

Please help me, what should I do next?
Original Message:
Sent: Aug 17, 2022 05:16 AM
From: Herman Robers
Subject: Problem with some macOS devices disconnecting and then blacklisting

Check the denylist/bl reason with this: https://www.arubanetworks.com/techdocs/CLI-Bank/Content/aos8/sh-ap-bl-clnt.htm

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.

Original Message:
Sent: Aug 16, 2022 12:30 AM
From: Long Nguyen
Subject: Problem with some macOS devices disconnecting and then blacklisting

Thanks for the early reply,

I don't know how to find the blacklist reason.
I tried to check the log with the 'show ap client trail-info' command of the disconnected device, I see the device is roaming even though I'm not moving, Reason is Sta has left and is disassociated, Alert is denied and Blacklisted.
Original Message:
Sent: Aug 15, 2022 04:23 PM
From: Colin Joseph
Subject: Problem with some macOS devices disconnecting and then blacklisting

If you can see the blacklist reason while they are in the blacklist, we can take it from there.

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card

Original Message:
Sent: Aug 15, 2022 04:58 AM
From: Long Nguyen
Subject: Problem with some macOS devices disconnecting and then blacklisting

Hi all,
- We have a pair of Mobility Controller 7205 running os 8.7.1.3_79817, it is managed by the Mobility Master device.
- We use Clearpass for user authentication 802.1x. MacOS devices not join in AD.
- We had an issue where some MacOS devices automatically disconnected after connecting for about 1 minute and were blacklisted on Mobility Master but We still have other MacOS devices connected successfully and working fine
+ Authentication on clearpass is successful and device connected
+ After 1 minute, device automatically disconnects with no reject log on Clearpass
+ When I try to check the logs with the command 'show client trail info' on disconnected devices, I see the device is roaming even though I'm not movin, Reason is Sta has left and is disassociated, Alert is denied and Blacklisted

Please help me,
Thanks.

type "show log security all" and see if there are any messages related to blacklisting.

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
------------------------------

Original Message:
Sent: Aug 19, 2022 03:52 AM
From: Long Nguyen
Subject: Problem with some macOS devices disconnecting and then blacklisting

Thank Cjoseph,
Thank Herman Robers,

Blacklist reason is user-define.
I have searched for information regarding this reason, but I can't find anything.

Please help me, what should I do next?
Original Message:
Sent: Aug 17, 2022 05:16 AM
From: Herman Robers
Subject: Problem with some macOS devices disconnecting and then blacklisting

Check the denylist/bl reason with this: https://www.arubanetworks.com/techdocs/CLI-Bank/Content/aos8/sh-ap-bl-clnt.htm

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.

Original Message:
Sent: Aug 16, 2022 12:30 AM
From: Long Nguyen
Subject: Problem with some macOS devices disconnecting and then blacklisting

Thanks for the early reply,

I don't know how to find the blacklist reason.
I tried to check the log with the 'show ap client trail-info' command of the disconnected device, I see the device is roaming even though I'm not moving, Reason is Sta has left and is disassociated, Alert is denied and Blacklisted.
Original Message:
Sent: Aug 15, 2022 04:23 PM
From: Colin Joseph
Subject: Problem with some macOS devices disconnecting and then blacklisting

If you can see the blacklist reason while they are in the blacklist, we can take it from there.

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card

Original Message:
Sent: Aug 15, 2022 04:58 AM
From: Long Nguyen
Subject: Problem with some macOS devices disconnecting and then blacklisting

Hi all,
- We have a pair of Mobility Controller 7205 running os 8.7.1.3_79817, it is managed by the Mobility Master device.
- We use Clearpass for user authentication 802.1x. MacOS devices not join in AD.
- We had an issue where some MacOS devices automatically disconnected after connecting for about 1 minute and were blacklisted on Mobility Master but We still have other MacOS devices connected successfully and working fine
+ Authentication on clearpass is successful and device connected
+ After 1 minute, device automatically disconnects with no reject log on Clearpass
+ When I try to check the logs with the command 'show client trail info' on disconnected devices, I see the device is roaming even though I'm not movin, Reason is Sta has left and is disassociated, Alert is denied and Blacklisted

Please help me,
Thanks.