Blacklist synchronisation on wireless controller

  • 0
  • 1
  • Question
  • Updated 3 years ago
  • Answered
Hello,

I have a question according the client Blacklist on the wireless controller (in the GUI reachable via "AP->Mobile Stations->Whitelist/Blacklist".

Is this Blacklist synchronized between two controllers working as HA-pair?
What is to configure for synchronization?

Thank you for help

Best regards
Stephan Harrer
Photo of Stephan Harrer

Stephan Harrer

  • 162 Points 100 badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 51,288 Points 50k badge 2x thumb
Hi Stephan,

I'm not 100% sure but I think the list is synchronized to the 2nd controller.

Synchronization is configured in..
> Controller > Administration > Availability > Synchronization Options
and also in
> VNS > Global > Sync Summary - here you'd also check whether the different services/roles/VNS.. are in sync.

-Ron
Photo of Gareth Mitchell

Gareth Mitchell, Extreme Escalation Support Engineer

  • 5,994 Points 5k badge 2x thumb
Stephan

This is a new feature in 9.21.01 firmware, you can set it in the same location as before, I added this mac on EWC7 and it appeared on EWC8 (its availability partner.)


:

I created this article for reference: https://gtacknowledge.extremenetworks.com/articles/Q_A/On-the-identifi-wireless-controller-is-the-blacklist-synchronised-to-the-controllers-availability-partner

Best regards




-Gareth
(Edited)
Photo of JAGADISH PATIL

JAGADISH PATIL

  • 70 Points
how many users can be blacklisted in this option. i mean what is the max limit for this option.
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 51,288 Points 50k badge 2x thumb
The max is 768 entries for all platforms....



-Ron
Photo of JAGADISH PATIL

JAGADISH PATIL

  • 70 Points
Your really champ.. :-)

Thanks for ur reply.

I would like to know, is it live users or max entries which we can make entry in the table.

In my case we need to add 2500 white-list users mac address in this table which would be white-listed and can be used in the network. Rest users should not get the access.

Thanks
Jagadish Patil
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 51,288 Points 50k badge 2x thumb
Nerd would hit the nail on the head :-)

It's max. entries. So you can't add 2500 MACs.
What you could do is to blacklist/whitlist a whole OUI range i.e. E4:25:E7 = Apple.
That count as a sinble entry and you block/whitelist the whole list.

If that isn't possible in your scenario you'd need to do external MAC auth to a RADIUS with the database of the client MACs.

-Ron