WLC4404: authenticating LWAPPs.

Unanswered Question
Jul 17th, 2008

Hi,

I want so secure my WLAN against rogue LWAPPs. I found the option "Authorize APs against AAA" under "SECURITY -> AAA -> AP Policies". So, it's only possible to authorize them against my IAS RADIUS server?

How dou you protect your network agaisnt rogue LWAPPs? I didn't finde a best practice my Cisco. TIA.

Simon

edit: I'm running 5.0.148.0 on a AIR-WLC4404-100-K9.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Scott Fella Fri, 07/18/2008 - 04:39

I don't see why you can't use IAS, you just have to cross reference the doc that explains how to set it up in Cisco ACS:

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008084f13b.shtml#a1

One way to protect you network against rogue LWAPP's is to make sure your unused ports are shut and configured for a bogus vlan just in case. Have your LAP's on a separate vlan, so that the vlan or subnet is the only subnet that can communicate to the wlc.

Actions

This Discussion

 

 

Trending Topics - Security & Network