Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
631
Views
0
Helpful
2
Replies

Rogue AP Detection and elimination

john smith
Level 1
Level 1

‎12-30-2011 02:37 AM - edited ‎07-03-2021 09:18 PM

I have detected some rogue APs via our WCS but I don't know how to deauthenticate them so they become unusable.

there is one option i got to "contain" them

but i don't know how to contain them

any body has idea that how i can contain them from WCS or WLC

thanks

Labels:
0 Helpful
2 Replies 2

Scott Fella
Hall of Fame
Hall of Fame

‎12-30-2011 05:53 AM

It's illegal (well you can get in trouble) to do this and really shouldn't be used, but here is a link.

http://www.cisco.com/en/US/docs/wireless/wcs/6.0/configuration/guide/6_0sol.html#wp1040128

You can also use the WLC.  Go to Monitor | Rogues | Choose one from the list and then click on the mac address of the rogue AP.  There is a drop down box that has the containment.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful

George Stefanick
VIP Alumni
VIP Alumni

‎12-30-2011 08:01 AM

So you know how this works. Your access points will spoof the mac address of the rogue access point and will flood the air with deauthentication frames. This tells clients that want to attach to the rogue access point to "go away".

As Scott points out there could be legal ramifications to this.

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card