Mobility/Wireless

Reply
New Contributor
Posts: 2
Registered: ‎09-12-2011

RFS6000 - Arp poison behaviour

Hi all ,

I hava guest wireless network using rfs6000 and ap 7131 .. the guest are connecting the network using hotspot configuration w/o need to authetication . So far the network is working fine, until one day some client able to see the hotspot page , however when agreed with the license and try to login . The system it prompt login failed .

When i check the system log it have some arp cache poison message . Unfortunately due to urgency i rebooted the controller without save the logs and the problem seem gone . Funny things is my disclaimer of my hotspot page is missing  (I did save to startup config).

I managed see one logs after startup : ARP CACHE POISONING : conflict snooping entry found :Ethernet ......

In the specification of rfs 6000 it say can prevent arp cache poison and ip spoofing .. so my question are:

1)Is it due to arp cache poisoning issue that client authetication failed ? how come it still able see the login page ?

2)what is the prevention behaviour to such attack from controller ?

3)what could be the reason that the hotspot disclaimer missing ?

thanks for help

New Contributor
Posts: 2
Registered: ‎09-12-2011

Re: RFS6000 - Arp poison behaviour

The mitigate solutions are go to the wireless firewall and set deny to the mac address that cause the problem .. So it seem its a manual process but not auto like IPS.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook