Own APs as Honeypot?!

Answered Question
Mar 23rd, 2009

Hello Group,

my newly deployed Wireless has some little quirks. One of them is that APs on the same Controller (AP 1250 and WiSM) detect each other as honeypot - sending a trap, but than it is nowhere in the rogues (it shouldn't, so this is good) - but the trap is sent. This is very annoying.

Potential Honeypot AP detected from Rogue MAC : 00:24:14:31:d9:1f on Base Radio MAC : 00:24:14:31:d7:20 Interface no:1(802.11a) with SSID: ssid

both APs are on the same controller, the detectet AP has another base radio mac of course, but this mac belongs to it on one SSID.

Is this a Bug or something misconfigured?

Edit to add: oh, right, I'm running 5.2.157.0

I have this problem too.
0 votes
Correct Answer by Leo Laohoo about 7 years 8 months ago

Hi Stefan,

1. This is a bug since the early 4.x days.

2. It's mostly cause/aggravated with the fact that the "honeypot" AP is located too close to the other AP. You can try to relocate the AP somewhere else or modify the settings for the Radio Resource Management.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Leo Laohoo Mon, 03/23/2009 - 15:04

Hi Stefan,

1. This is a bug since the early 4.x days.

2. It's mostly cause/aggravated with the fact that the "honeypot" AP is located too close to the other AP. You can try to relocate the AP somewhere else or modify the settings for the Radio Resource Management.

mbaez Fri, 04/10/2015 - 06:23

I have release 7.6 and got the same and WAP's are 70' away from each other and the are in the lower Tx Power option

artem_oliynyk Thu, 04/16/2009 - 07:40

Hi all,

we have same problem with the currently last version 5.2.178 (WiSM).

Thanks a lot.

Bye,

Artem

ssaluga Tue, 04/21/2009 - 17:53

Hello All,

We are having the same issues with 4404's running 5.2.178.

With WCS version 5.2.130 we are getting tons of "AP impersonation" errors also.

Thanks,

Scott Saluga

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode