Use the prohibited-ap command to add, update, or remove an AP from prohibited status. APs are identified in this context by their BSSID (Basic Service Set ID), which is the same as their MAC address. The prohibited-ap command is accessible from the mitigator:maintenance context of the CLI.
After you run the prohibited-ap command, run the apply command to implement the change.
bssid | The MAC address of the AP. |
desc string | An optional alphanumeric character string describing the AP. |
category string | The optional category defines the reason the AP is prohibited. Valid values are: prohibitedap, internalhoneypot, and externalhoneypot |
delete | Removes the AP identified by the BSSID from prohibited AP status. |
The following example makes testap1 with BSSID: 11:11:22:22:33:33 prohibited due to the prohibitedap category:
EWC.extremenetworks.com:mitigator:maintenance# prohibited-ap 11:11:22:22:33:33 desc testap1 category prohibitedap EWC.extremenetworks.com:mitigator:maintenance# apply
The following example removes the AP with BSSID: 11:11:22:22:33:33 from prohibited status:
EWC.extremenetworks.com:mitigator:maintenance# prohibited-ap 11:11:22:22:33:33 delete EWC.extremenetworks.com:mitigator:maintenance# apply