Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
637
Views
0
Helpful
3
Replies

How can I block illegal wireless using WCS?

bmath
Level 1
Level 1

‎12-29-2009 09:24 AM - edited ‎07-03-2021 06:22 PM

Hi,

I wondering if there is a way in WCS to prevent or shut any new wireless Networks that it sees other than its managed ones? If WCS does not do it is there a software.

Thanks

B Mathews

Labels:
0 Helpful
3 Replies 3

Kayle Miller
Level 7
Level 7

‎12-29-2009 10:19 AM

Bmath,

     There are containment features for rogue access points (or atleast there used to be), it is not advised for legal reasons. Since the 2.4Ghz (802.11b/g/n) and 5Ghz (802.11a/n) frequencies are unlicensed it means anyone can use them at any time as long as they don't exceed the FCC maximum power limits, if you were to Jam them or act in such a way as to inhibit any persons use of the band then you would be breaking an FCC law (See FCC Part 15); Which basically states "any such device is that it may not cause any harmful interference." and theoretically since that is the direct intent of jamming or containment is to cause harmful interference then could potentially seek legal action.

     So my advice to you would be to research it further before you take any actions and even then make sure you are legally covered, since you have no legal rights to the frequency and therefore can't claim it as solely your own, the same applies to the other, this is an area where it's best to try and work with the other WiFi owners and see if you can find a compromise.

Hope this helps.

http://www.fcc.gov/oet/info/documents/bulletins/#63

http://www.arrl.org/tis/info/part15.html

0 Helpful

George Stefanick
VIP Alumni
VIP Alumni
In response to Kayle Miller

‎12-29-2009 12:08 PM

To piggy back on KM post.

You can use Rogue Containment as an option. RC when enabled tells your Cisco APs to spoof the mac address of the rogue AP and send deauth frames to any clients wanting to attach to the rogue access point. So you dont touch the rogue AP, you just tell the clients not to attach to it.

keep in mind, I actually did some light testing where we had over 200 rogues and turned on full out RC on everything as a brift test. I found the medium suffered by 20% as the APs were taking up the medium sending excessive deauthication frames.

RC is mostly use to put a rogue in check until you can investgate it ... Not something that is niormally left on by most clients.

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame

‎12-29-2009 03:10 PM

And to piggyback Kayles and George's post:

I have used the WLC/WCS Containment option successfully (much to the chagrin of my employer) several times.  Before we employed WCS and because of the serious repercussion if I "prosecuted" the wrong AP, I had to be very sure the Rogue AP and/or Clients were INSIDE the WLAN/LAN premises of my employer.  I don't care if the Rogue APs and/or Clients were OUTSIDE the physical building of my employer.  I was given the green-light for those found inside the four corners of the building.  I used a crude method of triangulating the location of the Rogue AP and contained the AP.

After several successful "prosecution" of Rogues, our team became known as the Wireless Gestapo.

My advice is:  Aim before you shoot.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card