Yup.. we had to disable the “Arp Spoof” settings in the IDS profiles. We have other irons in the fire so we are not able to do much to investigate this issue at this time.
M From: The EDUCAUSE Wireless Issues Community Group Listserv <[email protected]> on behalf of "McClintic, Thomas" <[email protected]> Reply-To: The EDUCAUSE Wireless Issues Community Group Listserv <[email protected]> Date: Friday, September 18, 2020 at 11:46 AM To: "[email protected]" <[email protected]> Subject: [WIRELESS-LAN] iOS 14 Causing ARP Spoofing Events on Aruba Controllers We have begun seeing an impact with iOS 14 on our various SSIDs with ARP Spoofing events. We had not seen an event this year until July 9th (the date beta was released). There has been a large increase since the 16th of the events. The events seem to occur randomly as we are starting to troubleshoot. They still occur even when clients disable the privacy setting for the network. Since our blacklist interval is set to 30 minutes this is causing an interruption of service when it occurs. Has anyone else seen similar events? I have opened a TAC case to assist. Thanks TJ McClintic UTHealth | The University of Texas Health Science Center at Houston Houston’s Health University Communications Technology | Network Operations 7000 Fannin | Suite M60 | Houston, TX 77030 713.486.9269 netops | 713.486.2271 office ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
