Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

LAP 1131 Monitor mode configuration

Hi,

Can anyone assist me in setting up monitor-mode on an 1131?

I've got WCS, WiSMs and 27 flrs (27 vlans) of LAPs. I want to test 'Monitor Mode' on a dedicated LAP. I've got as far as configuring a trunk on the connecting switch, for the LAP, but I'm unsure where to go next.

How do I know/verify it's working or building an ARP cache?

2 REPLIES
Hall of Fame Super Red

Re: LAP 1131 Monitor mode configuration

Hi David,

Maybe this will help get you started;

The Monitor function is set for all 802.11 Cisco Radios on a per-access point basis using any of the Cisco Wireless LAN Controller user interfaces.

You can configure an individual AP mode simply, once the Lightweight AP is connected to the controller. In order to change the AP mode, connect to the controller web-interface and navigate to Wireless. Click on Details next to the desired AP to in order to display a configuration screen.

A Lightweight AP mode of operation defines the role of the AP. The modes related to the information presented in this document are:

Local This is the normal operation of an AP. This mode allows data clients to be serviced while configured channels are scanned for noise and rogues. In this mode of operation, the AP goes off-channel for 50 ms and listens for rogues. It cycles through each channel, one at a time, for the period specified under the Auto RF configuration.

Monitor This is radio receive only mode, and allows the AP to scan all configured channels every 12 seconds. Only de-authentication packets are sent in the air with an AP configured this way. A monitor mode AP can detect rogues, but it cannot connect to a suspicious rogue as a client in order to send the RLDP packets.

Note: DCA refers to non-overlapping channels that are configurable with the default modes.

Rogue Detector In this mode, the AP radio is turned off, and the AP listens to wired traffic only. The controller passes the APs configured as rogue detectors as well as lists of suspected rogue clients and AP MAC addresses. The rogue detector listens for ARP packets only, and can be connected to all broadcast domains through a trunk link if desired.

From this good doc;

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_white_paper09186a0080722d8c.shtml

Hope this helps!

Rob

Community Member

Re: LAP 1131 Monitor mode configuration

Thx for your feedback Rob.

Have you tested or deployed this? Does it work well?

Cheers

David

418
Views
0
Helpful
2
Replies
CreatePlease to create content