We are running WLC 5508 (ver 7.5.102) with about 100 AP. AP ranges from Cisco 1130 series to the recent 3600 series.
Recently, the WLC has been giving messages about rogue device spoofing (see example).
I figure I need to bring a tool to the AP area, and sniffer the air to find out what 's going on and where is the offender.
Would you please suggest any tool that I can download or purchase?
I am thinking perhaps a simple and easy to use small handheld wireless device would be nice to locate the trouble maker.
Thanks in advance.
Syslog message example:
Jan 16 11:47:00 my-wlc: *spamApTask3: Jan 16 11:47:00.297: #LWAPP-1-AP_CONTAINED: spam_lrad.c:37013 AP my-wireless-ap-123 is being contained on slot 1
Prime Infrasturcutre 2.0 message:
AP 'my-wireless-ap-123' is being contained. This is due to rogue device spoofing or targeting AP 'my-wireless-ap-123' BSSID on '802.11a' radio. - Controller Name: my-wlc
I am not a linux laptop user. So, if you have suggestion about wireless tool, it would be useful if the tool can run on Windows 7 OS.