Block a device from connecting or access an AP

JimDeLuca
New here

Block a device from connecting or access an AP

 We have a student device that is in our block policy and also block in AD from getting a DHCP IP address. We have also blocked the VPNs the student wants to use. However, this device is still causing issues. When he attempts to connect to our wireless he will take the AP down.  He took down two this morning.

 

Not sure if there is anything we can do other than banning the device from school porperty.

5 Replies 5
KarstenI
Kind of a big deal
Kind of a big deal

I would open a support case. A client connecting to an AP definitely shouldn't take that AP down.

JimDeLuca
New here

We did open a support case.  Waiting to hear from them was hoping some one had a similar situation and a solution

alemabrahao
Kind of a big deal
Kind of a big deal

There's no way he's doing a DDose by sending deauthentication probes or anything like that.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
PhilipDAth
Kind of a big deal
Kind of a big deal

Personally, I think this is foremost an "HR" issue and secondly a technical one.  I would probably take a step further than just banning the device.  The core issue is the human, so I would be trying to address the human issue directly.

 

I don't know which country you are in - but in most jurisdictions it is an an offence to deliberately cause disruption to someone else in the public ISM bands (which is what WiFi uses).

 

You can check this for your country, and warn the student that they are committing an offence, and the school may lay charges against them.  I'm guessing the school has a policy for students who break the law in the school grounds?

 

My personal guess is that @alemabrahao is right, and this is most likely to be a de-auth style attack.  There is very little you can do technically about this.

About your only option is to enable 802.11w (management frame protection) - HOWEVER - many IoT style devices and low-end phones have broken 802.11w implementations - and will experience all kinds of issues.  Computers generally do support 802.11w.

https://documentation.meraki.com/MR/Wi-Fi_Basics_and_Best_Practices/802.11w_Management_Frame_Protect... 

RaphaelL
Kind of a big deal
Kind of a big deal

That's far fetched but someone 'could' be exploiting CVE-2022-33279 which 29.5.1 fixes ,but the odds are very very slim.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels