Differences

This shows you the differences between two versions of the page.

--- aruba_networks:controller:mac_filter [2020/10/03 16:44] – created aperez
+++ aruba_networks:controller:mac_filter [2020/10/17 07:35] (current) – aperez
@@ Line 11: / Line 11: @@
 --Run command: config terminal and run the following lines by MAC address to block (Example MAC: c0:f4:e6:36:c5:09)
-(Aruba7030) *[mynode] #stm add-blacklist-client c0:f4:e6:36:c5:09
+(Aruba7030) *[mynode] #**stm add-blacklist-client c0:f4:e6:36:c5:09**
 (Aruba7030) *[mynode] #
-(Aruba72) *[mynode] #show ap blacklist-clients
+(Aruba72) *[mynode] #**show ap blacklist-clients**
 Blacklisted Clients
--------------------
+-  -  -  -
 STA reason block-time(sec) remaining time(sec)
---- ------ --------------- -------------------
+-  -  -  -
 c0:f4:e6:36:c5:09 user-defined 2015 1585
---Procedure to permanently leave the MAC Address blacklist:
+**--Procedure to permanently leave the MAC Address blacklist:**
 wlan virtual-ap
-   auth-failure-blacklist-time 0
+**auth-failure-blacklist-time 0**
-   blacklist-time 0
+** blacklist-time 0**
 **--The lines to execute to block a MAC in a specific WLAN are:**
@@ Line 41: / Line 43: @@
 wlan ssid-profile "WLAN-1"
-auth-failure-blacklist-time 0
+**auth-failure-blacklist-time 0**
+**blacklist-time 0**
-blacklist-time 0
 wlan ssid-profile "WLAN-2"
@@ Line 50: / Line 54: @@
 blacklist-time 0
@@ Line 62: / Line 67: @@
 wlan virtual-ap "VAP-WLAN1"
-auth-failure-blacklist-time 0
+**auth-failure-blacklist-time 0**
+**blacklist-time 0**
-blacklist-time 0
@@ Line 84: / Line 90: @@
 **--Procedure to manually removing a user from Blacklist:**
---(Aruba7030) *[mynode] #stm remove-blacklist-client c0:f4:e6:36:c5:09
+--(Aruba7030) *[mynode] #**stm remove-blacklist-client c0:f4:e6:36:c5:09**
 Requerimientos:
 --Aruba7030
---
 Solución:
 **--Apply the above procedure write**
+----
+**Example process for WEB:**
+--mac-authentication process
+--Follow the next step for setting mac-authentication for any WLAN
+  Note: Is important to use the correct INITIAL  ROLE  ACL, in this case, used logon role
+{{:aruba_networks:controller:blacklist_command9.png?700|}}
+  Note:  Create  new user on internal server
+{{:aruba_networks:controller:blacklist_command2.png?700|}}
+   Note: Is important to use the second correct INITIAL ROLE ACL, in this case, used ANNAR_USER role
+   Note: you do can use any next format
+{{:aruba_networks:controller:blacklist_command0.png?200|}}
+  Note:  Create the new MAC authentication profile, in this case: ANNAR_USER  (set for this format:  82-56-f2-f4-5a-e5)
+{{:aruba_networks:controller:blacklist_command5.png?700|}}
+{{:aruba_networks:controller:blacklist_command12.png?700|}}
+**--CLI commands to write a MAC for local-userdb and Blacklist-client**
+{{:aruba_networks:controller:blacklist_command14.png?700|}}
+{{:aruba_networks:controller:blacklist_command15.png?700|}}
+{{:aruba_networks:controller:blacklist_command16.png?700|}}
+{{:aruba_networks:controller:blacklist_command.png?500|}}
+----
+[[https://www.arubanetworks.com/techdocs/ArubaOS_60/UserGuide/MAC_Authentication.php#XREF_42227_Configuring_the]]
+[[https://community.arubanetworks.com/t5/Controller-Based-WLANs/How-do-I-configure-MAC-based-authentication-on-Aruba/ta-p/182430]]
+  stm add-blacklist-client
+  stm remove-blacklist-client
+  stm purge-blacklist-client
+  show ap blacklist-clients
+  local-userdb add user
+  show local-userdb
+----
+{{:aruba_networks:controller:blacklist_command13.png?600|}}
+----