Blocking a device on a Stand Along Cisco AP

Hello all I have a device that is constantly trying to use some one else' credentials to authenticate and locking that persons account on one of the stand alone AP's.  I went ahead and tried to block the MAC by using the MAC filter ACL on the AP but looks like it is still able to connect and send the authentication request.  Is there a way to completely block this device? 
Here is what I did:
conf t
access-list 700 deny xxxx.yyyy.xyz1 0000.0000.0000
dot11 association mac-list 700
end
wr mem
exit
Also when I do "show acces-list" I do show hits on the "deny" ACL.

Thank you yes that was one of the site I used to setup the ACL.  Weird thing is that I did not see that device trying to associate in the logs however the ACL shows denies.
Bridge address access list 700
    deny   1834.51af.a953   0000.0000.0000 (110 matches)
    permit 0000.0000.0000   ffff.ffff.ffff (12 matches)
And looking at the ACS server I see the wrong authentication requests from this particular AP and the MAC address that is being denied.

Similar Messages

  • Help blocking smart devices from using VPN

    Hello,
    I am looking for a solution to block smart devices from connecting to our network via VPN. Our current VPN solution is ASA5520 and we are using Cisco ACS for user authentication. We use Cisco VPN client only, no anyconnect or SSL VPN.
    Managment is looking for a way we can stop smart devices from using VPN clients to connect and only allow laptops/desktops to connect.
    Does anyone have a way we can do this via ACS or another method?

    Ok I will try it again but according to this documentation the type must match what is displayed in the show vpn-sessiondb remote, when I do that command all I see is type ipsec....nothing about iOS or client version numbers.:
    version
    version Identifies the device version via free-form strings, for example 7.0. A string
    must match exactly its appearance in the show vpn-sessiondb remotedisplay, except that you can use the * character as a wildcard.

  • Usb block special device not writable

    This is a system programming / kernel level issue.
    I'm doing some hardware development on Mac OS X. When I plug the USB device in question in, I get a message box like this: "Disk Insertion: The disk you inserted was not readable by the computer" with two options, Ignore and Eject. If I choose ignore, the USB device can be accessed via the block special device /dev/disk1. However, /dev/disk1 cannot be opened for writing, even as root: the open(2) call always fails with EACCESS.
    A "diskutil info /dev/disk1" reports "Read Only: Yes." Could this be the issue? How does Mac OS decide to set this flag?
    FYI, a userspace program that interacts with this device file has so far been ported successfully to Windows, Linux, and FreeBSD. There's no read-only toggle switch on the device itself.
    Thanks in advance for any info you may have.

    Ok, I've managed to rebuild the IOUSBMassStorage kext from source, with DEBUG_LEVEL cranked way up. What follows is the syslog trace that comes right after plugging in the device. The first error we hit is kIOUSBPipeStalled, and then things finally snowball up to kIOReturnNotResponding. I'm no USB expert, but shouldn't a call to IOUSBPipe::ClearPipeStall(true) have been made pretty soon after the first error?
    b400]: kBulkOnlyCommandSent returned 0
    USBF: 6926.303 IOUSBMassStorageClass[0x155bb400]: BulkOnlyTransferData returned 0
    USBF: 6926.304 IOUSBMassStorageClass[0x155bb400]: GetInterfaceReference
    USBF: 6926.304 IOUSBMassStorageClass[0x155bb400]: kBulkOnlyBulkIOComplete returned 0
    USBF: 6926.304 IOUSBMassStorageClass[0x155bb400]: BulkOnlyReceiveCSWPacket returned 0
    USBF: 6926.305 IOUSBMassStorageClass[0x155bb400]: GetInterfaceReference
    USBF: 6926.305 IOUSBMassStorageClass[0x155bb400]: kBulkOnlyStatusReceived returned 0
    USBF: 6926.348 IOUSBMassStorageClass[0x155bb400]: SendSCSICommand was called
    USBF: 6926.348 IOUSBMassStorageClass[0x155bb400]: SendSCSICommand CDB data:
    USBF: 6926.348 IOUSBMassStorageClass[0x155bb400]: 0 : 0 : 0 : 0 : 0 : 0
    USBF: 6926.348 IOUSBMassStorageClass[0x155bb400]: SendSCSICommandforBulkOnlyProtocol sent
    USBF: 6926.348 IOUSBMassStorageClass[0x155bb400]: SendSCSICommandForBulkOnlyProtocol send CBW
    USBF: 6926.348 IOUSBMassStorageClass[0x155bb400]: BulkOnlySendCBWPacket sent
    USBF: 6926.348 IOUSBMassStorageClass[0x155bb400]: BulkOnlySendCBWPacket returned 0
    USBF: 6926.348 IOUSBMassStorageClass[0x155bb400]: SendSCSICommandForBulkOnlyProtocol send CBW returned 0
    USBF: 6926.348 IOUSBMassStorageClass[0x155bb400]: SendSCSICommandforBulkOnlyProtocol returned 0
    USBF: 6926.349 IOUSBMassStorageClass[0x155bb400]: GetInterfaceReference
    USBF: 6926.349 IOUSBMassStorageClass[0x155bb400]: kBulkOnlyCommandSent returned 0
    USBF: 6926.349 IOUSBMassStorageClass[0x155bb400]: BulkOnlyReceiveCSWPacket returned 0
    USBF: 6926.350 IOUSBMassStorageClass[0x155bb400]: GetInterfaceReference
    USBF: 6926.350 IOUSBMassStorageClass[0x155bb400]: kBulkOnlyStatusReceived returned 0
    USBF: 6926.350 IOUSBMassStorageClass[0x155bb400]: SendSCSICommand was called
    USBF: 6926.350 IOUSBMassStorageClass[0x155bb400]: SendSCSICommand CDB data:
    USBF: 6926.351 IOUSBMassStorageClass[0x155bb400]: 12 : 0 : 0 : 0 : 24 : 0
    USBF: 6926.351 IOUSBMassStorageClass[0x155bb400]: SendSCSICommandforBulkOnlyProtocol sent
    USBF: 6926.351 IOUSBMassStorageClass[0x155bb400]: SendSCSICommandForBulkOnlyProtocol send CBW
    USBF: 6926.351 IOUSBMassStorageClass[0x155bb400]: BulkOnlySendCBWPacket sent
    USBF: 6926.351 IOUSBMassStorageClass[0x155bb400]: BulkOnlySendCBWPacket returned 0
    USBF: 6926.351 IOUSBMassStorageClass[0x155bb400]: SendSCSICommandForBulkOnlyProtocol send CBW returned 0
    USBF: 6926.351 IOUSBMassStorageClass[0x155bb400]: SendSCSICommandforBulkOnlyProtocol returned 0
    USBF: 6926.352 IOUSBMassStorageClass[0x155bb400]: GetInterfaceReference
    USBF: 6926.352 IOUSBMassStorageClass[0x155bb400]: kBulkOnlyCommandSent returned 0
    USBF: 6926.352 IOUSBMassStorageClass[0x155bb400]: BulkOnlyTransferData returned 0
    USBF: 6926.353 IOUSBMassStorageClass[0x155bb400]: GetInterfaceReference
    USBF: 6926.353 IOUSBMassStorageClass[0x155bb400]: kBulkOnlyBulkIOComplete returned 0
    USBF: 6926.353 IOUSBMassStorageClass[0x155bb400]: BulkOnlyReceiveCSWPacket returned 0
    USBF: 6926.354 IOUSBMassStorageClass[0x155bb400]: GetInterfaceReference
    USBF: 6926.354 IOUSBMassStorageClass[0x155bb400]: kBulkOnlyStatusReceived returned 0
    USBF: 6926.355 IOUSBMassStorageClass[0x155bb400]::IsProtocolServiceSupported called
    message repeated 3 times ---
    USBF: 6926.356 IOUSBMassStorageClass[0x155bb400]::IsProtocolServiceSupported called
    message repeated 1 time ---
    ForBulkOnlyProtocol send CBW
    unable to probe /dev/disk1 (status code 0xFFFFFFFC).
    USBF: 6927.381 IOUSBMassStorageClass[0x155bb400]: BulkOnlySendCBWPacket sent
    USBF: 6927.381 IOUSBMassStorageClass[0x155bb400]: BulkOnlySendCBWPacket returned 0
    USBF: 6927.381 IOUSBMassStorageClass[0x155bb400]: SendSCSICommandForBulkOnlyProtocol send CBW returned 0
    USBF: 6927.381 IOUSBMassStorageClass[0x155bb400]: SendSCSICommandforBulkOnlyProtocol returned 0
    USBF: 6927.451 IOUSBMassStorageClass[0x155bb400]: GetInterfaceReference
    USBF: 6927.451 IOUSBMassStorageClass[0x155bb400]: kBulkOnlyCommandSent returned 0
    USBF: 6927.451 IOUSBMassStorageClass[0x155bb400]: BulkOnlyTransferData returned e000404f
    USBF: 6927.451 IOUSBMassStorageClass[0x155bb400]: CompleteSCSICommand kSCSITaskStatusCHECKCONDITION
    USBF: 6927.451 IOUSBMassStorageClass[0x155bb400]: SendSCSICommand was called
    USBF: 6927.451 IOUSBMassStorageClass[0x155bb400]: SendSCSICommand CDB data:
    USBF: 6927.451 IOUSBMassStorageClass[0x155bb400]: 12 : 0 : 0 : 0 : 24 : 0
    USBF: 6927.451 IOUSBMassStorageClass[0x155bb400]: SendSCSICommandforBulkOnlyProtocol sent
    USBF: 6927.451 IOUSBMassStorageClass[0x155bb400]: SendSCSICommandForBulkOnlyProtocol send CBW
    USBF: 6927.451 IOUSBMassStorageClass[0x155bb400]: BulkOnlySendCBWPacket sent
    USBF: 6927.451 IOUSBMassStorageClass[0x155bb400]: BulkOnlySendCBWPacket returned 0
    USBF: 6927.451 IOUSBMassStorageClass[0x155bb400]: SendSCSICommandForBulkOnlyProtocol send CBW returned 0
    USBF: 6927.451 IOUSBMassStorageClass[0x155bb400]: SendSCSICommandforBulkOnlyProtocol returned 0
    USBF: 6927.452 IOUSBMassStorageClass[0x155bb400]: GetInterfaceReference
    USBF: 6927.452 IOUSBMassStorageClass[0x155bb400]: BulkOnlyExecuteCommandCompletion previous command returned e00002ed
    unable to probe /dev/disk1 (status code 0xFFFFFFFC).
    USBF: 6927.452 IOUSBMassStorageClass[0x155bb400]: + IOUSBMassStorageClass::FinishDeviceRecovery. Status = e00002ed
    USBF: 6927.452 IOUSBMassStorageClass[0x155bb400]: FinishDeviceRecovery reseting device on separate thread.
    USBF: 6927.452 IOUSBMassStorageClass[0x155bb400]: ResetDeviceNow
    USBF: 6927.453 IOUSBMassStorageClass[0x155bb400]: - IOUSBMassStorageClass::FinishDeviceRecovery
    USBF: 6927.453 IOUSBMassStorageClass[0x155bb400]: sResetDevice
    USBF: 6927.453 IOUSBMassStorageClass[0x155bb400]: GetInterfaceReference
    USBF: 6927.455 IOUSBMassStorageClass[0x155bb400]: kIOUSBMessageHubIsDeviceConnected returned = 0
    USBF: 6927.455 IOUSBMassStorageClass[0x155bb400]: ResetDevice() returned = e00002e2
    USBF: 6927.455 IOUSBMassStorageClass[0x155bb400]: AbortCurrentSCSITask called!
    USBF: 6927.455 IOUSBMassStorageClass[0x155bb400]: sAbortCurrentSCSITask
    USBF: 6927.455 IOUSBMassStorageClass[0x155bb400]: sAbortCurrentSCSITask Aborting current SCSITask with device not present.
    USBF: 6927.455 IOUSBMassStorageClass[0x155bb400]: AbortCurrentSCSITask Exiting
    USBF: 6927.455 IOUSBMassStorageClass[0x155bb400]: sResetDevice exiting.
    disk1: device/channel is not attached.
    message repeated 10 times ---
    USBF: 6927.480 IOUSBMassStorageClass[0x155bb400]: ResetDevice() returned = 0
    USBF: 6927.480 IOUSBMassStorageClass[0x155bb400]: sResetDevice exiting.
    Message was edited by: waitpid
    Message was edited by: waitpid

  • Saturday evening my i phone 4S stolen i wanted to block my device how to block it please help i did not have its IMEI number please help

    Hi Everone i need your help.
    Saturday evening my iphone 4S device stolen.now its show unavailable am going to lodge a complaint in near police station but the asked for IMEI number that i does not remember so what will i do it is possible to track it? if not so please tell me how to block the device?
    Regards,

    You can use the Find My iPhone feature on iCloud.com. That would need to have your 4s updated to iOS 6 and up to be able to track it and/or clear it. There are a thousand combinations to unlock the simple 4-pin password, so you still have time left to find your iPhone. For more information on how to use Find My iPhone, go to:
    http://www.apple.com/icloud/find-my-iphone.html
    http://support.apple.com/kb/PH2700
    OR
    http://support.apple.com/kb/PH2701?viewlocale=en_US

  • How to block mobile devices connected to internal Wi-Fi networks on Lync 2013

    How to block mobile devices connected to internal Wi-Fi networks on Lync 2013.
    we don't have lyncdiscoverinternal.contoso.com and lyncdiscover.contoso.com in internal DNS record, all mobile users are connecting from Internet, and we want it to be that way.
    So if I create the lyncdiscoverinternal.contoso.com record for Windows desktop clients autodiscover, how do I block internal mobile users from connecting to Lync??
    Praveen | MCSE Messaging 2003

    Hi Praveen,
    Based on my experience, one way to achieve this purpose you need to use the Reverse Proxy that is integrate with a Firewall (e.g. TMG 2010 , F5, etc…).
    Please have a look at the following picture.
    In Lync Server 2013,
    both the internal Mobility Service URL and the external Mobility Service URL are associated with the external Web Services FQDN.
     From the above picture, if you use a reverse proxy that is
    separate from the firewall, then the hairpin will be created,
     and cause the mobile client which connected to the internal Wifi will be able to
     access the external interface of the Reverse Proxy.
    In this situation, the mobile client which from Internet will not be effected.
    Best regards,
    Eric
    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • TS4006 i had my iphone 4s stolen , how can block the device or wipe out its content?

    I had my iphone 4 s stolen, how can i block the device or wipe out its content?

    If the phone is offline there is no way to track it or send a message to it.  You can place it in lost mode to lock it and send it a message (see http://help.apple.com/icloud/#/mmfc0f0165), but this will not take place until the phone goes back online, if it ever does.  If it does, you will get an email informing you.
    You might want to read this: http://support.apple.com/kb/HT5668.

  • Blocking one device?

    I know this sounds **bleep**, but bear with me. I have no clue about any of this. Is there a way to block one device from using the wireless in my house? Let's say, hypothetically of course, that I want to block a certain adolescent's iPod from accessing the internet. Can I block just that device? Or is there a way to set up a password that everyone who uses the wireless would have to have?
    Thanks in advance....

    Yes to both questions.
    1)  If you want to block a specific device, you can use an advanced filter.
    Click on the Advanced icon
    Select Network Objects
    Click Add.  The Edit Network Object screen is displayed.
    Enter a description such as "Blocked iPods".
    Click Add again
    Select MAC address from the pull-down.
    Enter the MAC address of the iPod you want to block.
    APPLY.  The Network Objects screen is displayed.
    Click ADD if you want to add another device to the rule, otherwise APPLY.
    Click on the Firewall Settings icon.
    Select Advanced Filtering from the menu on the left.
    Under Output Rule Sets, Click ADD across from Wireless Access Point Rules
    Add Advanced Filter screen is displayed.
    From the Source Address field, select "Blocked iPods".
    From the Operation radio button, select drop.
    In the "When should this rule occur" pull-down, select Always or create a schedule.
    APPLY
    Click APPLY again.

  • Blocking the device

    My BB 9300 had been stolen 2 days before. Is there any way that I could block the device so that noone else would be able to use it?? Is the "imei" code number for this reason?
    Solved!
    Go to Solution.

    If you have pre-installed an application like BBProtect or SmrtGuard, you can login and block, wipe or lock the device.
    Your mobile provider can disable the SIM card and likewise can suspend or block the PIN and IMEI so that the device is unusable to another, however some providers will not suspend the IMEI, some will.
    1. If any post helps you please click the below the post(s) that helped you.
    2. Please resolve your thread by marking the post "Solution?" which solved it for you!
    3. Install free BlackBerry Protect today for backups of contacts and data.
    4. Guide to Unlocking your BlackBerry & Unlock Codes
    Join our BBM Channels (Beta)
    BlackBerry Support Forums Channel
    PIN: C0001B7B4   Display/Scan Bar Code
    Knowledge Base Updates
    PIN: C0005A9AA   Display/Scan Bar Code

  • ASM support BLOCK raw device?

    Does ASM support for BLOCK raw device? or only there is support for CHARACTER raw device?
    Or it is specific to UNIX platforms?
    Thanks.

    790066 wrote:
    Does ASM support for BLOCK raw device? or only there is support for CHARACTER raw device?As I understand, ASM needs to be able to open a device using the direct I/O call kernel interface. Old style block devices do not have that, thus the need for raw char devices (on top of a block device) to provide the required direct I/O interface.
    But raw devices have been depreciated by the Linux kernel and Oracle also has support notes stating the same. The kernel now supports opening a block device with the O_DIRECT flag set.
    Offhand though, I do not see a problem using a device in ASM as long as ASM has access to it (permissions okay, discovery string set) and the device can be successfully opened via the I/O calls made by ASM.
    You need to select the most appropriate device interface (if a device has multiple) for ASM to use. I'll expect that ASM notes/installation details from Oracle for that specific o/s will have the details needed to make that decision.
    Or it is specific to UNIX platforms?Do not use anything else but Linux for many years now, so cannot comment on how this works/looks like on Unix flavours like Solaris and HP-UX and others.

  • Hi; I lost my iPhone4!!! How can i block the device so it can´t be used to see the important notes and contacts inside???

    Hi; I lost my iPhone4!!! How can i block the device so it can´t be used to see the important notes and contacts inside???

    You cannot unless you had find my iphone activated on the iphone before it was lost.
    MobileMe: Find My iPhone overview

  • Can I block other devices from my apple tv?

    I just got an apple TV and my roommates are being jerks. They keep airplaying stupid videos to my device while I am trying to watch videos. Is there any way I can block their devices from access my Apple TV?
    Thanks

    Settings > AirPlay, set a pass code.

  • On v880 : "metadb:  has bad master block on device"

    Hi,
     In my production environment I have a v880 server.  While I was trying to replace a bad disk I had the
    message:   metadb: oradb1: has bad master block on device, when I ran the metadb -a -f -c3 /dev/dsk/c1t1d0s5 
    I can not find any information on the internet. Also, I have seen the thread https://community.oracle.com/thread/1918834, which is very old.
    According to the thread I have to split all the submirrors and create the mirrors again. That is very difficult for me to do it, because I have mounted volumes.
    Any ideas?
    Regards,
    Panos

    OK - after talking with a very knowledgable/helpful guy in Sun's storage group, the problem is solved. It turned out that since the new disk had a different DevID, the mirror did not get correctly restored. The solution was to do the following (note: d23 is the slice where I was trying to create the state db):
    # metaclear d23
    # metadb -a -c 2 c1t11d0s7
    # metattach d3 d23
    He also referred me to doc 73132
    Thanks Dan!

  • My internet keeps freezing and blocking other devices

    My wifi works for about 10 seconds then freezes,  it also blocks other devices from using the wifi (when I switch off they are fine), have tried re-setting and clearing the computer and internet history, does any one have any advice please?

    THe Gen3 TC fails on the ethernet side fairly often due to capacitor failure.
    See here.
    https://sites.google.com/site/lapastenague/a-deconstruction-of-routers-and-modem s/apple-time-capsule-repair/new-issue-with-a1355-gen-3-tc
    There are two distinct issues.. capacitors shorted and the whole thing stops.. capacitors lose their function .. go open circuit if you like and then the ripple goes up to the point where ethernet fails.

  • Is there a stand along application for Pages that I can download for Snow Leopard?

    Is there a stand along application for Pages (that's not part of iWork) that I can download for Snow Leopard?

    Go to the Mac App Store and search for Pages.  That is the only source of a stand alone version, but it requires 10.7, so it does not appear to be possible.

  • Differences between block special device and character special device

    Hi,
    I tried to figure out the differences of block and raw devices and try to understand when to use each type of device. To me they are about the same. Can someone enlighten me? For e.g "/dev/dsk/c0t0d0s5" and "/dev/rdsk/c0t0d0s5". I noticed that in "/etc/vfstab", the mounting process always use a block device whereas the fsck process always use a character device, I'm getting confuse about their differeces.
    Thank you for your help!

    I cannot speak for CS6.  Here are thoughts from a new APE11 user's view:
    adobe30022 wrote:
    Our needs for a video editor are very simple. We need to create simple titles and text overlay to show the name of the speaker and/or topic.
    APE11 provides simplicity and good functionality for this stated need.
    we would like to sync up the video with this audio. Can this be done in Adobe Premiere Elements 11?
    If your video and audio contain a clap, you can manually sync by sliding the audio peak along the video.  The audio wave form will be blanked out when sliding, with a frame counter showing how many whole frames you have moved the audio at each moment, so it is a "drag, stop, compare, drag another frame or two, stop, compare" process that works.  (Finer adjustment than whole frames is not possible.)  Once the sync is achieved, select both audio and video track and link them. (The stability of the sync over time will depend on the accuracy of the recorder, and can pose a problem in long recordings. )  
    increase the gain/volume for the audio or clean up some hum or background noise. Can this be done in Adobe Premiere Elements 11?
    APE11 allows adjusting the volume levels and also provides level normalization if desired, but more involved audio cleanup such as hiss and hum removal, compression, or auto gain are not available.
    Please let me know if Adobe Premiere Elements 11 can help us meet our needs. If there is any other software that would be more suitable please advise.
    You should download the APE11 trial to judge for yourself how well it will meet all your needs. 

Maybe you are looking for