I have a customer who is in the evaluation phase of AirDefense, and they are receiving "Wireless Client Isolation Communication Violation" alarms for stations connected to WLANs which have mu-mu-disallow configured. Security profiles are configured for these SSIDs in which "Wireless Client Isolation" is enabled, and they are applied at the system level of the ADSP tree. The WLAN consists of an RFS6000 and (13) AP7131N's. 10 of the 13 APs have sensor radios configured. Why would this be occurring, and how do you recommend I troubleshoot? Thank you!
Wireless Client Isolation Alarm |
2 Replies
One important point is also missing from your description of the setup. Are the WLANs locally bridged or extended? I recall that locally bridged WLANS would not prevent traffic from clients associated to other APs on the same VLAN from bridging into the air. A simple arp request which is broadcast would hit ever other AP and be transmitted into the air. This case would cause the event to trigger. As the RFS6K would process all traffic from Extended WLANs it should prevent MU-to-MU communications. It sounds like the ADSP system is detecting a problem based on the policy assignment. The event will trigger when any from DS traffic is observed where the source address is a wireless client connected to the network. This could be broadcast mutlicast or unicast. If you run a quick frame capture on one of the APs and look for wireless traffic transmitted by the AP from a client not associated to that AP it will confirm the problem.
Thanks for the feedback, but I'm not sure this is the case here. The WLANs are Extended with no local bridging. The APs are connected to access ports with only AP management VLAN 910 configured, and all traffic is tunneled to the RFS where it is forwarded onto VLAN 450. I've attached the RFS config file.