Filter
Top Products
385 | WirelessIntrusionPrevention DellPowerConnectW-SeriesArubaOS6.2 | User Guide
(host) #wms import-db database <file>
The wms reint-db command reinitializes the WMS database. Note that this command does not make an automatic
backup of the current database.
(host) #wms reint-db
Understanding Client Blacklisting
When a client is blacklisted in the Dell system, the client is not allowed to associate with any AP in the network for
a specified amount of time. If a client is connected to the network when it is blacklisted, a deauthentication
message is sent to force the client to disconnect. While blacklisted, the client cannot associate with another SSID in
the network.
The controller retains the client blacklist in the user database, so the information is not lost if the controller reboots.
When you import or export the controller’s user database, the client blacklist will be exported or imported as well.
Methods of Blacklisting
There are several ways in which a client can be blacklisted in the Dell system:
l You can manually blacklist a specific client. See "Blacklisting Manually" on page 385 for more information.
l A client fails to successfully authenticate for a configured number of times for a specified authentication method.
The client is automatically blacklisted. See "Blacklisting by Authentication Failure " on page 386 for more
information.
l A DoS or man in the middle (MITM) attack has been launched in the network. Detection of these attacks can
cause the immediate blacklisting of a client. See "Enabling Attack Blacklisting" on page 386 for more information.
l An external application or appliance that provides network services, such as virus protection or intrusion
detection, can blacklist a client and send the blacklisting information to the controller via an XML API server.
When the controller receives the client blacklist request from the server, it blacklists the client, logs an event, and
sends an SNMP trap.
See External Services Interface on page 748 for more information.
NOTE: The External Services Interface feature require the Policy Enforcement Firewall Next Generation (PEFNG) license installed in
the controller.
Blacklisting Manually
There are several reasons why you may choose to blacklist a client. For example, you can enable different Dell
intrusion detection system (IDS) features that detect suspicious activities, such as MAC address spoofing or DoS
attacks. When these activities are detected, an event is logged and an SNMP trap is sent with the client
information. To blacklist a client, you need to know its MAC address.
To manually blacklist a client via the WebUI:
1. Navigate to the Monitoring > Controller > Clients page.
2. Select the client to be blacklisted and click the Blacklist button.
To clear the entire client blacklist using the WebUI:
1. Navigate to the Monitoring > Controller > Clients page.
2. Click Remove All from Blacklist.
To manually blacklist a client via the command-line interface, access the CLI in config mode and issue the following
command:
stm add-blacklist-client <macaddr>