Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Wireless Clinet is blocking in cisco WLC by ForeScout

In my network ForeScout CounterACT is enable for blocking un-authorized mobile/laptop get wireless access. But now i have one mac which is showing in Cisco WLC in Disabled Clients "Blocked by CounterACT" but i need to enable wireless for this host. Every time i remove this mac from disabled clients it will come back again. Also i remove the policy from ForeScout CounterACT device but still it is automatically showing in Cisco WLC disable clients. Please help me how to remove this mac permanently from disable client in WLC. This is a live environment. 

Thank you.

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

you could use the WLC CLI to

you could use the WLC CLI to solve your problem...

Use the following command to add or delete client exclusion entries.

config exclusionlist { add MAC [ description] | delete MAC | description MAC [ description]}

 

http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_0111010.html

3 REPLIES
Cisco Employee

you could use the WLC CLI to

you could use the WLC CLI to solve your problem...

Use the following command to add or delete client exclusion entries.

config exclusionlist { add MAC [ description] | delete MAC | description MAC [ description]}

 

http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_0111010.html

Community Member

I have had this problem as

I have had this problem as well. The last time I looked there was a bug in the wireless plugin for CounterACT that caused the plugin to continue to re-add devices to the disabled client list even after the policy was disabled. Try stopping and restarting the wireless plugin in CounterACT (after your ensure your policies that block your wireless client have been disabled). That should clear all clients out of the disabled list on your WLC's.

Community Member

I am trying to integrate our

I am trying to integrate our Cisco wireless controller to Forecout Counteract so that I can extend my NAC capabilities to the wireless. I am however having challenges doing this as this error keeps popping up on the Forescout Counteract to check the controller IP, SNMP community and CLI credential (screenshot attached).

I would appreciate a swift help on this.

Regards,

Omotunde

981
Views
0
Helpful
3
Replies
CreatePlease to create content