Virus Alert Message for Android Tablet

  • 1
  • Question
  • Updated 1 year ago
Hello,

i have AP230 with Release 6.5r4. I see the following Message in the Hive: " This client device might be infected with a virus or malware. Remove the device from the network, remove any viruses or malware, and then reconnect it" Also the Client is disconnected shortly again and again after some Minutes. What is the Backgroud of this and how can i fix it? Virus Scan on the Device is negative.

Thank you and best Regards
Photo of Neo

Neo

  • 16 Posts
  • 0 Reply Likes

Posted 2 years ago

  • 1
Photo of Jonathan Hurtt

Jonathan Hurtt

  • 98 Posts
  • 48 Reply Likes
Neo,

Where are you seeing this message, and can you get a screenshot? I don't believe we are providing this message. Can you get a screenshot?
Photo of Neo

Neo

  • 16 Posts
  • 0 Reply Likes
here we go
Photo of Neo

Neo

  • 16 Posts
  • 0 Reply Likes
Photo of Jonathan Hurtt

Jonathan Hurtt

  • 98 Posts
  • 48 Reply Likes
This is implying saying that the client traffic was blocked by an ACL, can you provide a running configuration of your AP002.
Photo of Neo

Neo

  • 16 Posts
  • 0 Reply Likes
can i send you a private message? or do you have an eMail?
Photo of Jonathan Hurtt

Jonathan Hurtt

  • 98 Posts
  • 48 Reply Likes
Neo, I just emailed you.
Photo of Arpit Parikh

Arpit Parikh

  • 1 Post
  • 0 Reply Likes

Hello Jonathan,

do you have fix for this? if you do then can you also send it to me. I got the same error message.

Photo of Metka Dragos

Metka Dragos

  • 51 Posts
  • 11 Reply Likes
Arpit, can you please send us the running configuration from your AP? Thank you
Photo of Arpit Parikh

Arpit Parikh

  • 8 Posts
  • 0 Reply Likes
Hello Metka,

here I am copying my running config.

Aerohive Networks Inc.Copyright (C) 2006-2016
Finance side #show run
Finance side #show running-config
security mac-filter Hive-Profile-1 default permit
security mac-filter ECMHSP-GUEST default permit
security mac-filter ECMHSP default permit
security mac-filter ECMHSP oui 8c:f5:a3 deny
radio profile ECMHSP-radio_ng_ng0
radio profile ECMHSP-radio_ng_ng0 phymode 11ng
radio profile ECMHSP-radio_ng_ng0 acsp access channel-auto-select time-range 01:                                                                                                                                                             00 04:00
radio profile ECMHSP-radio_ng_ng0 acsp all-channels-model enable
no radio profile ECMHSP-radio_ng_ng0 backhaul failover
radio profile ECMHSP-radio_ng_ng0 interference-map enable
radio profile ECMHSP-radio_ng_ng0 short-guard-interval
radio profile ECMHSP-radio_ng_ng0 benchmark phymode 11b rate 11 success 60 usage                                                                                                                                                              50
radio profile ECMHSP-radio_ng_ng0 benchmark phymode 11b rate 5.5 success 70 usag                                                                                                                                                             e 50
radio profile ECMHSP-radio_ng_ng0 benchmark phymode 11g rate 36 success 70 usage                                                                                                                                                              50
radio profile ECMHSP-radio_ng_ng0 benchmark phymode 11g rate 24 success 80 usage                                                                                                                                                              50
radio profile ECMHSP-radio_ng_ng0 benchmark phymode 11a rate 36 success 70 usage                                                                                                                                                              50
radio profile ECMHSP-radio_ng_ng0 benchmark phymode 11a rate 24 success 80 usage 50
radio profile ECMHSP-radio_ng_ng0 benchmark phymode 11n rate mcs4/2 success 80 usage 50
radio profile ECMHSP-radio_ng_ng0 benchmark phymode 11n rate 54 success 70 usage 50
radio profile ECMHSP-radio_ng_ng0 benchmark phymode 11ac rate mcs2/2 success 80 usage 50
radio profile ECMHSP-radio_ng_ng0 benchmark phymode 11ac rate 54 success 70 usage 50
radio profile ECMHSP-radio_ng_ng0 band-steering enable
radio profile ECMHSP-radio_ng_ng0 band-steering mode prefer-5g
radio profile ECMHSP-radio_ng_ng0 presence enable
radio profile ECMHSP-radio_ng_ng0 presence aging-time 15
radio profile ECMHSP-radio_ng_ng0 presence trap-interval 15
radio profile ECMHSP-radio_ng_ng0 presence aggr-interval 15
radio profile radio_ng_ac0
radio profile radio_ng_ac0 phymode 11ac
radio profile radio_ng_ac0 acsp access channel-auto-select time-range 01:00 04:00
radio profile radio_ng_ac0 interference-map enable
radio profile radio_ng_ac0 interference-map cu-threshold 35
radio profile radio_ng_ac0 interference-map crc-err-threshold 35
radio profile radio_ng_ac0 short-guard-interval
radio profile radio_ng_ac0 benchmark phymode 11b rate 11 success 60 usage 50
radio profile radio_ng_ac0 benchmark phymode 11b rate 5.5 success 70 usage 50
radio profile radio_ng_ac0 benchmark phymode 11g rate 36 success 70 usage 50
radio profile radio_ng_ac0 benchmark phymode 11g rate 24 success 80 usage 50
radio profile radio_ng_ac0 benchmark phymode 11a rate 36 success 70 usage 50
radio profile radio_ng_ac0 benchmark phymode 11a rate 24 success 80 usage 50
radio profile radio_ng_ac0 benchmark phymode 11n rate mcs4/2 success 80 usage 50
radio profile radio_ng_ac0 benchmark phymode 11n rate 54 success 70 usage 50
radio profile radio_ng_ac0 benchmark phymode 11ac rate mcs2/2 success 80 usage 50
radio profile radio_ng_ac0 benchmark phymode 11ac rate 54 success 70 usage 50
radio profile radio_ng_ac0 band-steering enable
radio profile radio_ng_ac0 band-steering mode prefer-5g
security-object ECMHSP-GUEST
security-object ECMHSP-GUEST security protocol-suite wpa2-aes-psk ascii-key ***
security-object ECMHSP-GUEST default-user-profile-attr 2
security-object ECMHSP
security-object ECMHSP security protocol-suite wpa2-aes-psk ascii-key ***
client-monitor policy default_Policy problem-type association
client-monitor policy default_Policy problem-type authentication
client-monitor policy default_Policy problem-type networking
ssid ECMHSP-GUEST
ssid ECMHSP-GUEST security-object ECMHSP-GUEST
ssid ECMHSP-GUEST security mac-filter ECMHSP-GUEST
ssid ECMHSP-GUEST 11g-rate-set 11-basic 6 9 12 18 24 36 48 54
ssid ECMHSP-GUEST multicast conversion-to-unicast auto
no ssid ECMHSP-GUEST security wlan dos ssid-level frame-type probe-req
no ssid ECMHSP-GUEST security wlan dos ssid-level frame-type probe-resp
no ssid ECMHSP-GUEST security wlan dos ssid-level frame-type assoc-req
no ssid ECMHSP-GUEST security wlan dos ssid-level frame-type assoc-resp
no ssid ECMHSP-GUEST security wlan dos ssid-level frame-type auth
no ssid ECMHSP-GUEST security wlan dos ssid-level frame-type deauth
no ssid ECMHSP-GUEST security wlan dos ssid-level frame-type disassoc
no ssid ECMHSP-GUEST security wlan dos ssid-level frame-type eapol
no ssid ECMHSP-GUEST security wlan dos station-level frame-type probe-req
no ssid ECMHSP-GUEST security wlan dos station-level frame-type probe-resp
no ssid ECMHSP-GUEST security wlan dos station-level frame-type assoc-req
no ssid ECMHSP-GUEST security wlan dos station-level frame-type assoc-resp
no ssid ECMHSP-GUEST security wlan dos station-level frame-type auth
no ssid ECMHSP-GUEST security wlan dos station-level frame-type deauth
no ssid ECMHSP-GUEST security wlan dos station-level frame-type disassoc
no ssid ECMHSP-GUEST security wlan dos station-level frame-type eapol
ssid ECMHSP-GUEST client-monitor-policy default_Policy
ssid ECMHSP
ssid ECMHSP security-object ECMHSP
ssid ECMHSP security mac-filter ECMHSP
ssid ECMHSP 11g-rate-set 11-basic 6 9 12 18 24 36 48 54
ssid ECMHSP uapsd
ssid ECMHSP multicast conversion-to-unicast auto
ssid ECMHSP client-monitor-policy default_Policy
hive Hive-Profile-1
hive Hive-Profile-1 security mac-filter Hive-Profile-1
hive Hive-Profile-1 wlan-idp mitigation-mode manual
hive Hive-Profile-1 password ***
interface eth0 native-vlan 1
interface eth1 native-vlan 1
interface wifi0 radio profile ECMHSP-radio_ng_ng0
interface wifi0 radio tx-power-control auto
interface wifi1 radio profile radio_ng_ac0
interface wifi1 mode access
interface wifi1 radio tx-power-control auto
interface mgt0 hive Hive-Profile-1
interface wifi0 ssid ECMHSP-GUEST
interface wifi1 ssid ECMHSP-GUEST
interface wifi0 ssid ECMHSP
interface wifi1 ssid ECMHSP
system led power-saving-mode delay 24 on 4 off 64
kddr enable
security wlan-idp profile ECMHSP
security wlan-idp profile ECMHSP ap-policy
security wlan-idp profile ECMHSP adhoc
security wlan-idp profile ECMHSP ap-detection connected
security wlan-idp profile ECMHSP ap-detection client-mac-in-net
security wlan-idp profile ECMHSP sta-report
interface wifi0 wlan-idp profile ECMHSP
interface wifi1 wlan-idp profile ECMHSP
hostname "Finance side "
admin root-admin admin password ***
dns server-ip 208.67.222.222
dns server-ip 208.67.220.220 second
ntp server 0.aerohive.pool.ntp.org
ntp server 1.aerohive.pool.ntp.org second
ntp server 2.aerohive.pool.ntp.org third
ntp server 3.aerohive.pool.ntp.org fourth
clock time-zone -5
clock time-zone daylight-saving-time 03-12 01:59:59 11-05 01:59:59
config version 79712224
config rollback enable
device-location "2700 Wycliff Rd Ste 302|Floor 3"
mac-object Aerohive-001977 mac-range 0019:7700:0000 - 0019:77ff:ffff
mac-object Samsung-Tablets-044665 mac-range 0446:6500:0000 - 0446:65ff:ffff
mac-object Aerohive-D854A2 mac-range d854:a200:0000 - d854:a2ff:ffff
mac-object Aerohive-F09CE9 mac-range f09c:e900:0000 - f09c:e9ff:ffff
mac-object FBAndroid mac-range 8cf5:a300:0000 - 8cf5:a3ff:ffff
mac-object Aerohive-9C5D12 mac-range 9c5d:1200:0000 - 9c5d:12ff:ffff
mac-object Aerohive-C413E2 mac-range c413:e200:0000 - c413:e2ff:ffff
mac-object Aerohive-4018B1 mac-range 4018:b100:0000 - 4018:b1ff:ffff
mac-object Samsung-Tablets-5C0A5B mac-range 5c0a:5b00:0000 - 5c0a:5bff:ffff
mac-object Aerohive-885BDD mac-range 885b:dd00:0000 - 885b:ddff:ffff
mac-object Aerohive-E01C41 mac-range e01c:4100:0000 - e01c:41ff:ffff
mac-object Samsung-Tablets-6021C0 mac-range 6021:c000:0000 - 6021:c0ff:ffff
mac-object Aerohive-C8665D mac-range c866:5d00:0000 - c866:5dff:ffff
mac-object Aerohive-B87CF2 mac-range b87c:f200:0000 - b87c:f2ff:ffff
mac-object Aerohive-C8675E mac-range c867:5e00:0000 - c867:5eff:ffff
mac-object Samsung-Tablets-5CF8A1 mac-range 5cf8:a100:0000 - 5cf8:a1ff:ffff
mac-object Aerohive-08EA44 mac-range 08ea:4400:0000 - 08ea:44ff:ffff
capwap client server name hmng-prd-va-cwps-15.aerohive.com
capwap client server backup name hmng-prd-va-cwpm-01.aerohive.com
capwap client dtls hm-defined-passphrase *** key-id 1
capwap client vhm-name VHM-EBAQEUCB
no capwap client dtls negotiation enable
location aerohive enable
no location aerohive list-match enable
user-profile GUESTVLAN qos-policy def-user-qos vlan-id 192 attribute 2
ip-policy Guest-Internet-Access-Only
ip-policy Guest-Internet-Access-Only id 1 service DHCP-Server action permit
ip-policy Guest-Internet-Access-Only id 2 service DNS action permit
ip-policy Guest-Internet-Access-Only id 3 to 10.0.0.0 255.0.0.0 service any action deny
ip-policy Guest-Internet-Access-Only id 4 to 172.16.0.0 255.240.0.0 service any action deny
ip-policy Guest-Internet-Access-Only id 5 to 192.168.0.0 255.255.0.0 service any action deny
ip-policy Guest-Internet-Access-Only id 6 service any action permit
user-profile GUESTVLAN security ip-policy from-access Guest-Internet-Access-Only
user-profile GUESTVLAN ip-policy-default-action permit
no bonjour-gateway enable
application reporting auto
application reporting upload https://cloud-va.aerohive.com:443/afs-webapp/l7report/22933/ time-window 15 admin VHM-EBAQEUCB password *** basic
Photo of Metka Dragos

Metka Dragos

  • 51 Posts
  • 11 Reply Likes
Thank you very much ! Let me look into this and get back to you
Photo of Metka Dragos

Metka Dragos

  • 51 Posts
  • 11 Reply Likes
Couple more questions:  this running config is not from the access point that reported the problem, issue shows AP002

Issue is a year old, is it repeated or was this one time occurrence?
Photo of Arpit Parikh

Arpit Parikh

  • 8 Posts
  • 0 Reply Likes
Hello Metka,

yes it's repeated randomly and throwing an error as "Client was denied by ACL. "
and I have check my time schedule and everything but still few times it's throwing this error. 
Photo of Metka Dragos

Metka Dragos

  • 51 Posts
  • 11 Reply Likes
Thank you very much for your time, we are working on the issue.