WLC4404: authenticating LWAPPs.

Unanswered Question
Jul 17th, 2008
User Badges:


I want so secure my WLAN against rogue LWAPPs. I found the option "Authorize APs against AAA" under "SECURITY -> AAA -> AP Policies". So, it's only possible to authorize them against my IAS RADIUS server?

How dou you protect your network agaisnt rogue LWAPPs? I didn't finde a best practice my Cisco. TIA.


edit: I'm running on a AIR-WLC4404-100-K9.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Scott Fella Fri, 07/18/2008 - 04:39
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

I don't see why you can't use IAS, you just have to cross reference the doc that explains how to set it up in Cisco ACS:


One way to protect you network against rogue LWAPP's is to make sure your unused ports are shut and configured for a bogus vlan just in case. Have your LAP's on a separate vlan, so that the vlan or subnet is the only subnet that can communicate to the wlc.


This Discussion



Trending Topics - Security & Network