New Contributor
Posts: 2
Registered: ‎09-12-2011

RFS6000 - Arp poison behaviour

Hi all ,

I hava guest wireless network using rfs6000 and ap 7131 .. the guest are connecting the network using hotspot configuration w/o need to authetication . So far the network is working fine, until one day some client able to see the hotspot page , however when agreed with the license and try to login . The system it prompt login failed .

When i check the system log it have some arp cache poison message . Unfortunately due to urgency i rebooted the controller without save the logs and the problem seem gone . Funny things is my disclaimer of my hotspot page is missing  (I did save to startup config).

I managed see one logs after startup : ARP CACHE POISONING : conflict snooping entry found :Ethernet ......

In the specification of rfs 6000 it say can prevent arp cache poison and ip spoofing .. so my question are:

1)Is it due to arp cache poisoning issue that client authetication failed ? how come it still able see the login page ?

2)what is the prevention behaviour to such attack from controller ?

3)what could be the reason that the hotspot disclaimer missing ?

thanks for help

New Contributor
Posts: 2
Registered: ‎09-12-2011

Re: RFS6000 - Arp poison behaviour

The mitigate solutions are go to the wireless firewall and set deny to the mac address that cause the problem .. So it seem its a manual process but not auto like IPS.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.