Blacklisting Unauthorized Users
An unauthorized user can attempt logging in to the Instant AP as an administrator using invalid credentials. Such unauthorized users can be blacklisted and blocked from the network by the administrator. The administrator can configure the count for unsuccessful login attempts, exceeding which the user will be blocked out of the system and the duration for which the user will be blacklisted.
When configured, the unauthorized user's IP address will be blacklisted in thetable and will be barred from attempting logins to the network for the time period defined in . The blacklist maintained for invalid users can contain up to 256 entries. The blacklist will be cleared when the number of entries exceed 256 or in the event of an AP reboot.
Configuring Blacklist for Unauthorized Users
Two parameters should be configured to blacklist an unauthorized user, the number of unsuccessful login attempts allowed and the time duration the unauthorized user should be blacklisted. This can be configured only through the CLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions..
To configure the count for allowed unsuccessful login attempts, before the user is blacklisted, use the following command syntax:
The following CLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands configure the time period for blacklisting the user:
, the value is measured in seconds.
(Instant AP) # configure terminal
(Instant AP) # mgmt-login-threshold <1-65535>
(Instant AP) # mgmt-login-blacklist-period <10-65535>
(Instant AP) #exit
The blacklisting feature can be turned off using thecommand.
(Instant AP) # no mgmt-login-threshold