aruba_networks:controller:mac_filter
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
aruba_networks:controller:mac_filter [2020/10/03 16:44] – created aperez | aruba_networks:controller:mac_filter [2020/10/17 07:35] (current) – aperez | ||
---|---|---|---|
Line 11: | Line 11: | ||
--Run command: config terminal and run the following lines by MAC address to block (Example MAC: c0: | --Run command: config terminal and run the following lines by MAC address to block (Example MAC: c0: | ||
- | (Aruba7030) *[mynode] #stm add-blacklist-client c0: | + | (Aruba7030) *[mynode] #**stm add-blacklist-client c0: |
(Aruba7030) *[mynode] # | (Aruba7030) *[mynode] # | ||
- | (Aruba72) *[mynode] #show ap blacklist-clients | + | (Aruba72) *[mynode] #**show ap blacklist-clients** |
Blacklisted Clients | Blacklisted Clients | ||
- | ------------------- | + | - - - - |
STA reason block-time(sec) remaining time(sec) | STA reason block-time(sec) remaining time(sec) | ||
- | --- ------ --------------- ------------------- | + | - - - - |
c0: | c0: | ||
- | --Procedure to permanently leave the MAC Address blacklist: | + | |
+ | **--Procedure to permanently leave the MAC Address blacklist:** | ||
wlan virtual-ap | wlan virtual-ap | ||
- | auth-failure-blacklist-time 0 | + | **auth-failure-blacklist-time 0** |
- | blacklist-time 0 | + | ** blacklist-time 0** |
+ | |||
**--The lines to execute to block a MAC in a specific WLAN are:** | **--The lines to execute to block a MAC in a specific WLAN are:** | ||
Line 41: | Line 43: | ||
wlan ssid-profile " | wlan ssid-profile " | ||
- | auth-failure-blacklist-time 0 | + | **auth-failure-blacklist-time 0** |
+ | |||
+ | **blacklist-time 0** | ||
- | blacklist-time 0 | ||
wlan ssid-profile " | wlan ssid-profile " | ||
Line 50: | Line 54: | ||
blacklist-time 0 | blacklist-time 0 | ||
+ | |||
Line 62: | Line 67: | ||
wlan virtual-ap " | wlan virtual-ap " | ||
- | auth-failure-blacklist-time 0 | + | **auth-failure-blacklist-time 0** |
+ | |||
+ | **blacklist-time 0** | ||
- | blacklist-time 0 | ||
Line 84: | Line 90: | ||
**--Procedure to manually removing a user from Blacklist: | **--Procedure to manually removing a user from Blacklist: | ||
- | --(Aruba7030) *[mynode] #stm remove-blacklist-client c0: | + | --(Aruba7030) *[mynode] #**stm remove-blacklist-client c0: |
+ | |||
Requerimientos: | Requerimientos: | ||
--Aruba7030 | --Aruba7030 | ||
- | -- | + | |
Solución: | Solución: | ||
**--Apply the above procedure write** | **--Apply the above procedure write** | ||
+ | |||
+ | ---- | ||
+ | |||
+ | **Example process for WEB:** | ||
+ | |||
+ | |||
+ | --mac-authentication process | ||
+ | |||
+ | --Follow the next step for setting mac-authentication for any WLAN | ||
+ | |||
+ | |||
+ | Note: Is important to use the correct INITIAL | ||
+ | |||
+ | {{: | ||
+ | |||
+ | Note: Create | ||
+ | | ||
+ | {{: | ||
+ | |||
+ | | ||
+ | Note: Is important to use the second correct INITIAL ROLE ACL, in this case, used ANNAR_USER role | ||
+ | Note: you do can use any next format | ||
+ | |||
+ | {{: | ||
+ | |||
+ | Note: Create the new MAC authentication profile, in this case: ANNAR_USER | ||
+ | | ||
+ | {{: | ||
+ | |||
+ | {{: | ||
+ | |||
+ | **--CLI commands to write a MAC for local-userdb and Blacklist-client** | ||
+ | |||
+ | {{: | ||
+ | |||
+ | {{: | ||
+ | |||
+ | {{: | ||
+ | |||
+ | {{: | ||
+ | |||
+ | |||
+ | ---- | ||
+ | |||
+ | [[https:// | ||
+ | |||
+ | [[https:// | ||
+ | |||
+ | |||
+ | stm add-blacklist-client | ||
+ | stm remove-blacklist-client | ||
+ | stm purge-blacklist-client | ||
+ | show ap blacklist-clients | ||
+ | local-userdb add user | ||
+ | show local-userdb | ||
+ | |||
+ | |||
+ | ---- | ||
+ | |||
+ | {{: | ||
+ | ---- | ||
+ | |||
aruba_networks/controller/mac_filter.1601761485.txt.gz · Last modified: 2020/10/03 16:44 by aperez