Release Notes
2087 | wlan virtual-ap Dell Networking W-Series ArubaOS 6.4.x| Reference Guide
Parameter Description Range Default
blacklist
Enables detection of denial
of service (DoS) attacks, such
as ping or SYN floods, that
are not spoofed deauth
attacks.
— enabled
blacklist-time
Number of seconds that a
client is quarantined from
the network after being
blacklisted.
0-
2,147,483,647
seconds
3600
seconds
(1 hour)
broadcast-filter
Filter out broadcast and
multicast traffic in the air.
— disabled
all
Filter out broadcast and
multicast traffic in the air.
NOTE: Do not enable this
option for virtual APs
configured in bridge
forwarding mode. This
configuration parameter is
only intended for use for
virtual APs in tunnel mode. In
tunnel mode, all packets
travel to the controller, so
the controller is able to drop
all broadcast traffic. When a
virtual AP is configured to
use bridge forwarding mode,
most data traffic stays local
to the AP, and the controller
is not able to filter out that
broadcast traffic.
IMPORTANT: If you enable
this option, you must also
enable the Broadcast-Filter
ARP parameter in the
stateful firewall configuration
to prevent ARP requests
from being dropped. Note
also that although a virtual
AP profile can be replicated
from a master controller to
local controllers, stateful
firewall settings do not. If you
select the broadcast-filter
all option for a Virtual AP
Profile on a master
controller, you must enable
the broadcast-filter arp
setting on each individual
local controller.
— enabled