Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
781
Views
0
Helpful
5
Replies

testing rouge detection 802.11N is under the radar of the wireless network

michael.lussier
Level 1
Level 1

‎02-20-2009 08:06 AM - edited ‎07-03-2021 05:12 PM

I was testing rouge detection and port location. My rouge is a new 802.11N Linksys home AP. The AP is up on the network and I have a laptop connected and using the AP.

The lwap AP's within the vacinity have yet to see it and identify the device. The APs on the lwap side are 1252's and they are all fully functional. 4.2.176.0 is the code that is in place right now. Our scheduled upgrade to 5.2 is weeks away.

WCS has yet to report this rouge on the network nor the fact that it is also on the wired network as well. Has anyone else seen this ? This is a big concern from two fronts. State office locations using these devices and the fact that they can't be identified.

Labels:
0 Helpful
5 Replies 5

Johannes Luther
Level 4
Level 4

‎02-20-2009 09:23 AM

I have a few questions regarding your case:

- Do you broadcast the SSID on your rogue AP?

- Do you use WEP/WPA/WPA2 on your rogue AP, or is it an open network?

0 Helpful

michael.lussier
Level 1
Level 1
In response to Johannes Luther

‎02-20-2009 11:00 AM

YEs I did turn on Broadcast and the rouge was running a WPA2-PSK network

0 Helpful

Johannes Luther
Level 4
Level 4
In response to michael.lussier

‎02-20-2009 12:23 PM

The rogue discovery protocol works like that (I guess):

The AP, that detects the rogue AP, associates with the rogue - obtains an IP via DHCP and pings the management IP of the WLC. If the WLC responds, the rogue is in the wired network.

I doubt it'll work, if the rogue AP has encryption/authentication in place.

0 Helpful

George Stefanick
VIP Alumni
VIP Alumni

‎02-21-2009 06:33 AM

I gather you cant even see the rogue to test if it is on your wire.

Here is a link that may help you. I would also recommend putting the AP in rogue dect mode for giggles...

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_white_paper09186a0080722d8c.shtml')">http://www.cisco.com/en/US/tech/tk722/tk809/technologies_white_paper09186a0080722d8c.shtml

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame

‎03-04-2009 03:48 PM

Go to Security -> Wireless Protection Policy -> Rogue Policies and verify your settings.

You can also go to Rogue Rules and add specific details.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card