Owners manual

ManualsBrandsARUBA NETWORKS ManualsComputers & LaptopsAruba Instant IAP-325 IEEE 802.11ac 1.69 Gbit/s Wireless Access Point - 2.40 GHz, 5 GHz - 8 x Antenna(s) - 8 x Internal Antenna(

181

182

183

184

185

186

187

188

189

190

In the Instant UI

To configure firewall settings:

1. Click the Security link at the top right corner of Instant main window.

2. Clickthe Firewall Settings tab. The Firewall Settings tab contents are displayed.

3. To configure protection against security attacks, select the following checkboxes:

l Select Drop bad ARP to enable the IAP to drop the fake ARP packets.

l Select Fix malformed DHCP to the IAP to fix the malformed DHCP packets.

l Select ARP poison check to enable the IAP to trigger an alert notifying the user about the ARP poisoning that

may have been caused by the rogue APs.

Figure 53 Firewall Settings —Protection Against Wired Attacks

4. Click OK.

In the CLI

To configure firewall settings to prevent attacks

(Instant AP)(config)# attack

(Instant AP)(ATTACK)# drop-bad-arp-enable

(Instant AP)(ATTACK)# fix-dhcp-enable

(Instant AP)(ATTACK)# poison-check-enable

(Instant AP)(ATTACK)# end

(Instant AP)# commit apply

To view the configuration status:

(Instant AP)# show attack config

Current Attack

--------------

Attack Status

------ ------

drop-bad-arp Enabled

fix-dhcp Enabled

poison-check Enabled

To view the attack statistics

(Instant AP)# show attack stats

attack counters

--------------------------------------

Counter Value

------- -------

arp packet counter 0

drop bad arp packet counter 0

dhcp response packet counter 0

fixed bad dhcp packet counter 0

send arp attack alert counter 0

send dhcp attack alert counter 0

arp poison check counter 0

garp send check counter 0

Aruba Instant 6.4.0.2-4.1 | User Guide Roles and Policies | 183