This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

X450G2 - Intrusion Reaction

X450G2 - Intrusion Reaction

SaschaE
New Contributor

‎08-25-2022 05:47 AM

Hello community,

i am far from intermediate regarding Exos and i am searching for a way to block unknown devices with a little app i am currently writing for our office:

This app identifies machines that are not known in the network
If a machine is not known it will be scanned and tested, informing the admin
The machine receives a message that it will be forced out of the network
All done so far...
->From here i would like our exos to route all traffic from this machine (by ip or mac) in a dead vlan.<-
This could not be port-specific as fe all wlan traffic comes from one port.

At best this would be a console command that could be send via ssh. Any solutions?

Thx in advance
0 Kudos
1 REPLY 1

StephenW
Extreme Employee

‎10-04-2022 06:58 AM

You can configure Extreme Policy statically with two Roles "Untested" and "Approved" with different VLANs and permissions.  Normally we would just use Radius to do all the auth and checking but you could swap the static Policy Role via SSH, and the port would take over the config.  The main limitation is this is for the entire port not per MAC.  

GTM-P2G8KFN