Configuring rogue device detection, Recommended configuration procedure – H3C Technologies H3C WX3000E Series Wireless Switches User Manual


Figure 648 Network diagram for WLAN client access control

In the topology above, three APs are connected to an AC. Configure whitelist and static blacklist entries on the AC, which will send all the entries to the APs. If the MAC address of a station, Client 1 for example, is present in the blacklist, it cannot access any of the APs. If only Client 1 is present in the whitelist, it can access any of the APs, and other clients cannot access any of the APs.

Enable the dynamic blacklist function on the AC. If AP 1 receives attack frames from Client 1, a dynamic blacklist entry is generated in the blacklist. Client 1 cannot associate with AP 1, but can associate with AP 2 or AP 3. If AP 2 or AP 3 receives attack frames from Client 1, a new dynamic blacklist entry is generated in the blacklist.
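The scope difference between the lists can be modeled in a few lines. This is an added example, not code from the H3C manual or the device: the class and function names and the MAC address are constructed, and the rule that a non-empty whitelist alone decides access is an assumption consistent with the description above.

```python
from dataclasses import dataclass, field


def norm(mac: str) -> str:
    """Reduce a MAC address to 12 lowercase hex digits, whatever the separator."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


@dataclass
class AccessController:
    """Model of the AC: whitelist and static blacklist apply on every AP,
    dynamic blacklist entries apply only on the AP that saw the attack."""
    whitelist: set = field(default_factory=set)
    static_blacklist: set = field(default_factory=set)
    dynamic_enabled: bool = False
    dynamic: dict = field(default_factory=dict)  # AP name -> set of MACs

    def report_attack(self, ap: str, mac: str) -> None:
        """Record that `ap` received attack frames from `mac`."""
        if self.dynamic_enabled:
            self.dynamic.setdefault(ap, set()).add(norm(mac))

    def can_associate(self, ap: str, mac: str) -> bool:
        mac = norm(mac)
        allowed = {norm(m) for m in self.whitelist}
        if allowed:  # assumption: a non-empty whitelist alone decides
            return mac in allowed
        if mac in {norm(m) for m in self.static_blacklist}:
            return False
        return mac not in self.dynamic.get(ap, set())


def dynamic_scope_demo() -> dict:
    """Client 1 attacks AP 1, then AP 2; returns where it can still associate."""
    client1 = "00-11-22-33-44-01"  # constructed MAC address
    ac = AccessController(dynamic_enabled=True)
    ac.report_attack("AP1", client1)
    first = {ap: ac.can_associate(ap, client1) for ap in ("AP1", "AP2", "AP3")}
    ac.report_attack("AP2", client1)
    second = {ap: ac.can_associate(ap, client1) for ap in ("AP1", "AP2", "AP3")}
    return {"after AP1": first, "after AP2": second}


if __name__ == "__main__":
    print(dynamic_scope_demo())
```
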

Configuring rogue device detection

Recommended configuration procedure

| Step | Remarks |
|---|---|
| 1. Configuring AP operating mode | Required. By default, the AP operates in normal mode and only provides WLAN data services. |
| 2. Configuring detection rule lists | Required. |
| 3. Enabling countermeasures and configuring aging time for detected rogue devices | Optional. |
