Title: 【Typical Case】Troubleshooting the Ineffectiveness of an SSID-based Blocklist on WS6008 [Print this page] Author: zhangqiao@ruiji Time: 2024-8-2 11:47 Title: 【Typical Case】Troubleshooting the Ineffectiveness of an SSID-based Blocklist on WS6008 Keywords:
AC,Blocklist, SSID
1. Issue Description
After an SSID-based blocklist is configured on the AC, a client whose MAC address is onthe blocklist can still connect to the SSID and access the network normally.
2. Device Model and Firmware
Device Type
Device Model
Firmware Version
Ruijie wireless
RG-WS6008
RGOS 11.9(6)W3B1
3. Cause Analysis
1. It is verified that the configurations on the web interface are correct, and the output of the showblack-white-list config command confirms that the configurations are correct and take effect. Despite this, the client (alaptop) whose NIC is on the blocklist can still connect to the SSID and obtainan IP address.
2. The AC model is identified, and the AC uses the latest firmware version.
3. The client's MAC address cannot be found on the AC's client list.
4. Root Cause
Locate the BSSID (the connected AP) by checking the WLAN information on the client.
It was discovered that the AC does not manage the BSSID. Consequently, the blocklist configuration on the AC does not apply to this BSSID. The SSID-based blocklist only functions when the client connects to the specified AP through which the AC delivers related configurations. Therefore, the client in question remains unaffected by the blocklist because it is not connected to the designated AP.
5. Solution
Change the client or AP, or use a device on the AC's client list for testing. Verify if any clients with their MAC addresses on the blocklist are disconnected and unable to connect to the WLAN. If they are unable to connect, then the configuration is effective.
Welcome to Ruijie Community (https://community.ruijienetworks.com/)
