Quarantine Authorized Device
Watchguard AP 420 & 325 running in Watchguard WiFi Cloud
Per the instructions prior to turning WIPS on, I monitored all the devices on my network and classified each AP and Client as Authorized, External, Guest etc………
Then in Discover > Configure > WIPS I followed the recommended settings for AP Auto-Classification and Client Auto-Classification.
My issue is with an HP MFP device that only connects to our network wirelessly. This device has been classified as Authorized, and connects to an Authorized AP on a secure network. When I turn WIPS on this device is labeled as Rogue and thrown into Quarantine, making it unusable. On HP’s newer MFP’s there is a Network Setting called WiFi Direct, which allows smart devices to connect and print without having to be on the network. WIPS thinks this is a MITM attack, which I understand, but even after disabling this feature and re-classifying the device as Authorized, WIPS still quarantines it.
I have pushed every button and link in both the Discover & Manage sites to solve this without any luck. Even now I still see this Event:
Authorized] client [HP23383E] is running a Soft Mobile Hotspot AP or a Windows 7 Virtual AP
Any ideas anyone?
IMHO, Watchguard has made this very confusing having two different sites (Discover & Manage) to administer your wireless network. Once can turn WIPS on and off in both sites, Classify AP’s and Clients in both sites, monitor events and security alerts in both sites and more. Does one site take precedence over the other?
Thanks!
- Doug
It's usually something simple.
Comments
Hi Doug,
Thanks for the reply.
Discover and Manage are currently in a transition period -- eventually Discover will replace most of the tools in WiFi cloud.
I'd suggest opening a support case with WG support (use the support center link in the top right) -- this will allow the techs to take a look at your logs and they can see if there's a way we can get this to work with your devices.
Thank you
-James Carson
WatchGuard Customer Support
I managed to enable the NIC on the device and it is now hard wired into the network.
It's usually something simple.