Antonio Perez

User Tools

Site Tools

Trace: mac_filter
aruba_networks:controller:mac_filter

This is an old revision of the document!

Problem:

–Aruba blacklist - MAC- filter

Actions:

–In the following process, you will find a way to block a mac addres on a WLAN

–Enter by CLI

–Run command: config terminal and run the following lines by MAC address to block (Example MAC: c0:f4:e6:36:c5:09)

(Aruba7030) *[mynode] #stm add-blacklist-client c0:f4:e6:36:c5:09

(Aruba7030) *[mynode] #

(Aruba72) *[mynode] #show ap blacklist-clients

Blacklisted Clients

- - - -

STA reason block-time(sec) remaining time(sec)

- - - -

c0:f4:e6:36:c5:09 user-defined 2015 1585

–Procedure to permanently leave the MAC Address blacklist:

wlan virtual-ap

auth-failure-blacklist-time 0

blacklist-time 0

–The lines to execute to block a MAC in a specific WLAN are:

wlan ssid-profile “WLAN-1”

auth-failure-blacklist-time 0

blacklist-time 0

wlan ssid-profile “WLAN-2”

auth-failure-blacklist-time 0

blacklist-time 0

wlan ssid-profile “WLAN-3”

auth-failure-blacklist-time 0

blacklist-time 0

wlan virtual-ap “VAP-WLAN1”

auth-failure-blacklist-time 0

blacklist-time 0

wlan virtual-ap “VAP-WLAN2”

auth-failure-blacklist-time 0

blacklist-time 0

wlan virtual-ap “VAP-WLAN3”

auth-failure-blacklist-time 0

blacklist-time 0

–Procedure to manually removing a user from Blacklist:

–(Aruba7030) *[mynode] #stm remove-blacklist-client c0:f4:e6:36:c5:09

Requerimientos:

–Aruba7030

Solución:

–Apply the above procedure write

Example process for WEB:

–mac-authentication process

–Follow the next step for setting mac-authentication for any WLAN 

Note: Is important to use the correct INITIAL  ROLE  ACL, in this case, used logon role

Note:  Create  new user on internal server 

 Note: Is important to use the second correct INITIAL ROLE ACL, in this case, used ANNAR_USER role
 Note: you do can use any next format

Note:  Create the new MAC authentication profile, in this case: ANNAR_USER  (set for this format:  82-56-f2-f4-5a-e5)

–CLI commands to write a MAC for local-userdb and Blacklist-client 

[[https://www.arubanetworks.com/techdocs/ArubaOS_60/UserGuide/MAC_Authentication.php#XREF_42227_Configuring_the]]
[[https://community.arubanetworks.com/t5/Controller-Based-WLANs/How-do-I-configure-MAC-based-authentication-on-Aruba/ta-p/182430]]
stm add-blacklist-client
stm remove-blacklist-client
stm purge-blacklist-client
show ap blacklist-clients
local-userdb add user
show local-userdb

aruba_networks/controller/mac_filter.1602938052.txt.gz · Last modified: 2020/10/17 07:34 by aperez
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki