×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Wireless Clinet is blocking in cisco WLC by ForeScout

Answered Question
Jun 17th, 2014
User Badges:

In my network ForeScout CounterACT is enable for blocking un-authorized mobile/laptop get wireless access. But now i have one mac which is showing in Cisco WLC in Disabled Clients "Blocked by CounterACT" but i need to enable wireless for this host. Every time i remove this mac from disabled clients it will come back again. Also i remove the policy from ForeScout CounterACT device but still it is automatically showing in Cisco WLC disable clients. Please help me how to remove this mac permanently from disable client in WLC. This is a live environment. 

Thank you.

Correct Answer by mohanak about 3 years 1 month ago

you could use the WLC CLI to solve your problem...

Use the following command to add or delete client exclusion entries.

config exclusionlist { add MAC [ description] | delete MAC | description MAC [ description]}

 

http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_0111010.html

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
mohanak Thu, 07/03/2014 - 03:47
User Badges:
  • Gold, 750 points or more

you could use the WLC CLI to solve your problem...

Use the following command to add or delete client exclusion entries.

config exclusionlist { add MAC [ description] | delete MAC | description MAC [ description]}

 

http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_0111010.html

matthew.rose.ctr Wed, 08/20/2014 - 14:34
User Badges:

I have had this problem as well. The last time I looked there was a bug in the wireless plugin for CounterACT that caused the plugin to continue to re-add devices to the disabled client list even after the policy was disabled. Try stopping and restarting the wireless plugin in CounterACT (after your ensure your policies that block your wireless client have been disabled). That should clear all clients out of the disabled list on your WLC's.

dolapolawale Tue, 08/09/2016 - 08:16
User Badges:

I am trying to integrate our Cisco wireless controller to Forecout Counteract so that I can extend my NAC capabilities to the wireless. I am however having challenges doing this as this error keeps popping up on the Forescout Counteract to check the controller IP, SNMP community and CLI credential (screenshot attached).

I would appreciate a swift help on this.


Regards,

Omotunde

Attachment: 

Actions

This Discussion

Related Content

 

 

Trending Topics - Security & Network