How to configure the STA blacklist on WLAN devices

16

A STA blacklist contains MAC addresses of STAs that are not allowed to connect to the WLAN. To forbid some STAs from connecting to the WLAN, you can configure a STA blacklist.
You can configure a global STA blacklist for APs, and the blacklist takes effect on all VAPs. You can also configure a STA blacklist for specified VAPs. If an AP and a VAP are configured with the blacklist or whitelist function, a STA can connect to the WLAN only when it is permitted by both the configuration on the AP and VAP.
- For V200R003 and V200R005, you can perform the following steps to configure a STA blacklist for specified APs on an AC or a Fat AP:
1. Run the sta-blacklist mac-address command in the WLAN view to add specified MAC addresses to the STA blacklist. The variable mac-address specifies the MAC addresses in the STA blacklist.
2. For ACs: run the sta-access-mode ap { { start-id [ to end-id ] } &<1-10> | all } blacklist command in the WLAN view to set the access control mode to the STA blacklist for a specified AP. The variable start-id and end-id specify the AP ID range.
For Fat APs: Run the sta-access-mode blacklist command in the WLAN view to set the access control mode to the STA blacklist.
3. Run the commit { all | ap ap-id } command in the WLAN view to deliver configurations to the APs (applicable only to the AC). The variable ap-id specifies the AP ID.
- For V200R003 and V200R005, you can perform the following steps to configure a STA blacklist for specified VAPs on an AC or a Fat AP:
1. Run the sta-blacklist-profile { name list-name | id list-id } command in the WLAN view to create a STA blacklist profile and display the STA blacklist profile view. The variable list-name specifies the STA blacklist profile name, and list-id specifies the STA blacklist profile ID.
2. Run the sta-mac mac-address command in the STA blacklist profile view to add the MAC address of a STA to the STA blacklist profile. The variable mac-address specifies the MAC addresses in the STA blacklist.
3. Run the service-set { id profile-id | name profile-name } * command in the WLAN view to display the service set view. The variable profile-id specifies the service set ID, and profile-name specifies the service set name.
4. Run the sta-access-mode blacklist command in the service set view to set the access control mode for VAPs to the STA blacklist.
5. Run the set view sta-blacklist-profile { name list-name | id list-id } command in the service set view to bind a STA blacklist profile for the service set. The variable list-name specifies the STA blacklist profile name, and list-id specifies the STA blacklist profile ID.
6. Run the commit { all | ap ap-id } command in the WLAN view to deliver configurations to the APs (applicable only to the AC). The variable ap-id specifies the AP ID.

Other related questions:
What are the STA blacklist and whitelist specifications of WLAN devices
For V200R003: - STA blacklist/whitelist configured for APs: a. The AC6005 can be configured with a maximum of 256 STA MAC addresses in the STA blacklist/whitelist. b. The AC6605 can be configured with a maximum of 512 STA MAC addresses in the STA blacklist/whitelist. c. A Fat AP can be configured with a maximum of 16 STA MAC addresses in the STA blacklist/whitelist. - STA blacklist/whitelist configured for VAPs: a. An AC can be configured with a maximum of 128 STA blacklist/whitelist profiles, and each profile supports a maximum of 512 STA MAC addresses in the STA blacklist/whitelist. b. A Fat AP can be configured with a maximum of 16 STA blacklist/whitelist profiles, and each profile supports a maximum of 256 STA MAC addresses in the STA blacklist/whitelist. For V200R005: - STA blacklist/whitelist configured for APs: a. The AC6005 can be configured with a maximum of 256 STA MAC addresses in the STA blacklist/whitelist. b. The AC6605 can be configured with a maximum of 512 STA MAC addresses in the STA blacklist/whitelist. c. The ACU2 can be configured with a maximum of 1024 STA MAC addresses in the STA blacklist/whitelist. d. A Fat AP can be configured with a maximum of 16 STA MAC addresses in the STA blacklist/whitelist. - STA blacklist/whitelist configured for VAPs: a. An AC can be configured with a maximum of 128 STA blacklist/whitelist profiles, and each profile supports a maximum of 512 STA MAC addresses in the STA blacklist/whitelist. b. A Fat AP can be configured with a maximum of 16 STA blacklist/whitelist profiles, and each profile supports a maximum of 256 STA MAC addresses in the STA blacklist/whitelist. Note: When the number of STAs exceeds the maximum value supported in a whitelist, STA access control can be performed by associating with the authentication server. MAC address authentication is recommended.

What STA information can be displayed on a WLAN device
1. Number of STAs associated with an AP For V200R005, run the display station assoc-num command. For V200R006, run the display station ap-id xx command. 2. STA information For V200R005, run the display station assoc-info sta sta-mac command. For V200R006, run the display station sta-mac sta-mac command. The display contents vary depending on versions. The following uses V200R005C10 as an example: display station assoc-info sta d420-6df4-f37e Station mac-address : d420-6df4-f37e //STA mac Station ip-address : 0.0.0.0 //STA IP Station gateway : 0.0.0.0 Associated SSID : jsldoc //SSID Station online time(ddd:hh:mm:ss) : 000:00:04:20 //Online time The upstream SNR(dB) : 30.0 The upstream aggregate receive power(dBm) : -79.0 Station connect rate(Mbps) : 23 //Rate Station connect channel : 1 //Channel Station inactivity time(ddd:hh:mm:ss) : 000:00:00:00 ...... Station's RSSI(dBm) : -66 //Single strength Station's Noise(dBm) : -109 Station's radio mode : 11b //Network type Station's AP ID : 6 //AP ID (supported only by V200R005C00) Station's Radio ID : 0 //0 indicates 2.4G, and 1 indicates 5G (supported only by V200R005C00). Station's Authentication Method : OPEN Station's Cipher Type : NO CIPHER Station's User Name : d4206df4f37e Station's Vlan ID : 28 Station's Channel Band-width : 20MHz Station's asso BSSID : dcd2-fc9a-2110 Station's state : Asso with auth Station's Qos Mode : NULL Station's HT Mode : - Station's MCS value : 0 Station's NSS value : 0 Station's Short GI : support Station's roam state : No

How do WLAN devices restrict access from weak-signal STAs
For details about how to configure an AC to restrict access from weak-signal STAs, see: V200R005: Restricting Access from Weak-Signal or Low-Rate STAs V200R006: Configuring Smart Roaming

How do WLAN devices force low-rate STAs to log out
For details about how to configure an AC to force low-rate STAs to log out, see: V200R005: Restricting Access from Weak-Signal or Low-Rate STAs V200R006: Configuring Smart Roaming

How do I view STA Internet access behavior on a WLAN device
APs serve as Layer 2 access nodes and cannot record information about STA Internet access.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top