Hi Everyone,
Is there a manual available to read/understand some of the alerts that are being reported within Aruba Central?
The setup is around 90 x IAP-275 inside a warehouse with Aruba Central.
For example, my client has numerous "Infrastructure Attack Detected" messages and below is just one example:
"
An AP (NAME 70:3a:0e:c5:4a:74 and MAC 70:3a:0e:c5:4a:74 on RADIO 2) detected that the device with MAC address d8:06:03:a1:d8:16 (BSSID 01:a9:d8:b6:02:a9 on CHANNEL 11 with SNR 10) has sent a malformed information element with a declared length that is too large. This could disrupt or crash the device with address 00:a9:d8:06:03:a5"
Now, the first MAC Address belongs to Aruba however the following 2 x MAC Addresses don't exist anywhere so what for example is the malformed information element with a declared length that is too large?
Ideally I would appreciate any assistance to understand the alerts as my client is experiencing difficulty with devices that keeps connecting and disconnecting (Zebra Scanners and Cisco VoIP handsets)
On top of this the Virtual Controller Disconnected alerts keep adding up as well.
Are these rogue devices, attacks etc?