Filter
Top Products
86 |ControlPlaneSecurity DellPowerConnectW-SeriesArubaOS6.2 | User Guide
whitelist-db cpsec modify mac-address
cert-type switch-cert|factory-cert
description <description>
mode disable|enable
revoke-text <revoke-text>
state approved-ready-for-cert|certified-factory-cert
Revoking an AP via the Campus AP Whitelist
You can revoke an invalid or rogue AP either by opening the modify menu and modifying the AP’s revoke status (as
described in the section above), or by selecting the AP in the campus whitelist and revoking it’s secure status
directly, without modifying any other parameters or entering a description of why that AP was revoked. When you
revoke an AP’s secure status in the campus AP whitelist, the whitelist retains the AP’s status information. To revoke
an invalid or rogue AP and permanently remove the AP from the whitelist, you must delete that entry.
To revoke an AP via the WebUI:
1. Access the master controller WebUI, and navigate to Configuration>AP Installation.
2. Click the Campus AP Whitelist tab.
3. To revoke one or more secure campus APs, select the checkbox by the entry for each AP whose secure status
should be revoked, then click Revoke.
If your campus AP whitelist is large and you cannot immediately locate the AP entry you want to revoke, select
the Search link by the upper right corner of the whitelist. The Campus AP Whitelist tab displays several fields
that allow you to search for an AP with a specified MAC address, certificate type or state. Specify the values that
match the AP you are trying to locate, then click the Search button. The whitelist displays a list of APs that
match your search criteria. Select the AP from this list, then click Revoke.
To revoke an AP via the command-line interface, issue the command:
whitelist-db cpsec revoke mac-address <macaddr> revoke-text <"revoke text">
Deleting an AP Entry from the Campus AP Whitelist
Before you delete an AP entry from the campus whitelist, verify that auto certificate provisioning is either no longer
enabled, or only enabled for IP addresses that do not include the AP being removed. If automatic certificate
provisioning is enabled for an AP that it is still connected to the network, you can not permanently delete it from
the campus AP whitelist; the controller immediately re-certifies the AP and re-creates its whitelist entry.
To delete an AP entry via the WebUI:
1. Access the master controller WebUI, and navigate to Configuration>AP Installation.
2. Click the Campus AP Whitelist tab.
3. Select the checkbox by entry for each AP you want to remove, then click delete.
If your campus AP whitelist is large and you cannot immediately locate the AP entry you want to delete, select
the Search link by the upper right corner of the whitelist. The Campus AP Whitelist tab displays several fields
that allow you to search for an AP with a specified MAC address, certificate type or state. Specify the values that
match the AP you are trying to locate, then click the Search button. The whitelist displays a list of APs that
match your search criteria. Select the AP from this list, then click delete.
To delete an AP entry via the CLI, issue the command:
whitelist-db cpsec del mac-address <macaddr>
Purging the Campus AP Whitelist
Before you add a new local controller to a network using control plane security, you must purge the campus AP
whitelist on the new controller. Any entries in a new controller’s campus AP whitelist is merged into the whitelist for