×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

client exclusion of WLC

Answered Question
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Saurav Lodh Wed, 07/09/2014 - 04:33
User Badges:
  • Gold, 750 points or more

Configuring Client Exclusion Policies (GUI)


    Step 1   Choose Security > Wireless Protection Policies > Client Exclusion Policies to open the Client Exclusion Policies page.
    Step 2   Select any of these check boxes if you want the controller to exclude clients for the condition specified. The default value for each exclusion policy is enabled.
    • Excessive 802.11 Association Failures—Clients are excluded on the sixth 802.11 association attempt, after five consecutive failures.
    • Excessive 802.11 Authentication Failures—Clients are excluded on the sixth 802.11 authentication attempt, after five consecutive failures.
    • Excessive 802.1X Authentication Failures—Clients are excluded on the fourth 802.1X authentication attempt, after three consecutive failures.

    • IP Theft or IP Reuse—Clients are excluded if the IP address is already assigned to another device.
    • Excessive Web Authentication Failures—Clients are excluded on the fourth web authentication attempt, after three consecutive failures.

    Issue the below command to see the time left when the client is excluded. default time is set to 60 sec. 

    show exclusionlist

    Information similar to the following appears:

    
                
              
    Dynamically Disabled Clients
    ----------------------------
      MAC Address             Exclusion Reason        Time Remaining (in secs)
      -----------             ----------------        ------------------------
    
    00:40:96:b4:82:55         802.1X Failure          	51
    
    Correct Answer
    abwahid Tue, 07/22/2014 - 19:30
    User Badges:
    • Bronze, 100 points or more

    Hi,

    Yes WLC will ignore the auth request as per exclusion policy you set.

     

    George Stefanick Wed, 07/23/2014 - 09:37
    User Badges:
    • Purple, 4500 points or more
    • Community Spotlight Award,

      Best Publication, October 2015

    Actually, I think it ignores the probes, not the AUTHs. Going off memory .. 

    Actions

    This Discussion

     

     

    Trending Topics - Security & Network